Thanks for posting this Billy On Jan 3, 2013 4:02 PM, "Billy Cravens" <[email protected]> wrote:
> If you're on Adobe ColdFusion, read this: > > > http://www.carehart.org/blog/client/index.cfm/2013/1/2/Part2_serious_security_threat > > quick version: it's a security hole that allows attacker to write a .cfm > using AdminAPI. Once that happens, all bets are off: they have the full > power of CF at their disposal. > > Keep in mind that current hot fixes don't address this - you need to lock > down specific resources on your servers. > > As far as I know this affects only Adobe ColdFusion. > > > -- > Billy Cravens > > -- > You received this message because you are subscribed to the "Houston > ColdFusion Users' Group" discussion list. > To unsubscribe, send email to [email protected] > For more options, visit http://groups.google.com/group/houcfug?hl=en > -- You received this message because you are subscribed to the "Houston ColdFusion Users' Group" discussion list. To unsubscribe, send email to [email protected] For more options, visit http://groups.google.com/group/houcfug?hl=en
