From be92d591b1693d992dd83178456df63e5d3b3ebb Mon Sep 17 00:00:00 2001
From: Sebastian Mendel <cybot_tm@users.sourceforge.net>
Date: Fri, 2 Mar 2007 16:07:47 +0000
Subject: [PATCH] changed message for possible exploit detection

---
 libraries/common.lib.php | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

diff --git a/libraries/common.lib.php b/libraries/common.lib.php
index 0438c3c7f..cb40ac66c 100644
--- a/libraries/common.lib.php
+++ b/libraries/common.lib.php
@@ -2704,14 +2704,10 @@ if (isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS'])
 }
 
 /**
- * protect against deep recursion attack CVE-2006-1549,
- * 1000 seems to be more than enough
- *
- * @see http://www.php-security.org/MOPB/MOPB-02-2007.html
- * @see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1549
+ * protect against possible exploits - there is no need to have so much vars
  */
-if (count($GLOBALS) > 1000) {
-    die('possible deep recurse attack');
+if (count($_REQUEST) > 1000) {
+    die('possible exploit');
 }
 
 /**