All,
I received a new HackMyCF report on one of my sites earlier... It had a
brand new "CRITICAL" error that I never saw before...
ComponentUtils Exposed to the Public
The /CFIDE/componentutils/ directory is open to the public it should
be locked down to prevent exploit.
I went and immediately locked it down like my existing administrator and
and adminapi directories...
Is this related to all the compromised servers in the past month?
Ok, I did some searching and I found out that yes, this directory is
listed by adobe in their latest security bulletin. (and I assume is
related to the recent hacks...) However, I think that it is important to
share with the group...
On 01/03/2013 08:50 AM, Cameron Childress wrote:
FYI - worth reading up on this.
http://www.carehart.org/blog/client/index.cfm/2013/1/2/serious_security_threat
http://www.carehart.org/blog/client/index.cfm/2013/1/2/Part2_serious_security_threat
-Cameron
--
Cameron Childress
--
p: 678.637.5072
im: cameroncf
facebook <http://www.facebook.com/cameroncf> | twitter
<http://twitter.com/cameronc> | google+
<https://profiles.google.com/u/0/117829379451708140985>
-------------------------------------------------------------
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform
For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-------------------------------------------------------------
