Forgot to include another link that may help you http://www.securitytracker.com/alerts/2003/Jan/1006023.html
Cheers --- [EMAIL PROTECTED] wrote: > Hello Weekenders, > > I'm sure most of you got the MM Security bulletin > the other day > (http://www.macromedia.com/security). I am trying to > figure out what the > security breach is if the steps outlines in the > Security Bulletin are not > taken. It doesn't describe what level of access an > attacker could gain > through this exploit. And since we use the SES Url's > > (mysite.com/index.cfm/myvar/myvarvalue/), I can not > easily implement this > security fix because checking the "check that file > exists" box in IIS > causes 404's since, the file name is buried in the > query string. > > So If any one can fill me in on the severity of this > exploit and then I can > appropriately decide if I need to make some serious > changes to multiple > sites or find an alternative. > > Thanks > > Brook Davies > maracasmedia > > > __________________________________________________ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4