Greetings and Salutations My Fellow Programmers! I have recently discovered a security flaw that I have reported to the Adobe team regarding the use of the variable cgi.host_name.
As you know, the cgi.host_name is typically the hostname of the server or the websites domain name. I've discovered an exploit that allows a user to basically change this variable to anything they want for the user's current session. This exploit could be spread across sessions in instances where a website is caching absolute links using the cgi.host_name variable. It could also be used to take advantage of applications that assume the cgi.host_name variable is a constant, therefore developed applications don't take precautions to sanitize this variable before inserting it into a database could have issues. Just wanted to give the community a heads up on this. :) Regards, Paul Alkema http://paulalkema.com/ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:344500 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
