Band-Aids and duct tape... Filtering for known attacks: moderately useful as a stop gap if you are in the middle of an attack.
Holistic approach to seal the original vulnerability against ALL current and future attacks (cfqueryparam): highly desirable. ~Brad -----Original Message----- From: james carberry [mailto:[EMAIL PROTECTED] Sent: Monday, July 21, 2008 12:54 PM To: CF-Talk Subject: Re: (ot) URL Hack Attempt Leaves Me Scractching My Head... Even easier than monkeying with every single one of your cfquery's.... just add following line to the TOP of all your application.cfm's: <cfif cgi.SCRIPT_NAME contains "EXEC(" OR cgi.PATH_INFO contains "EXEC(" OR cgi.QUERY_STRING contains "EXEC("><cfabort></cfif> This will immediately shut down execution of any CFM that this piece of trash tries to invoke to execute this particular type of SQL for. peace, j ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;203748912;27390454;j Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:309363 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
