[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] CGI Wrap Errors? Help!?!?

Subject: RE: [cobalt-users] CGI Wrap Errors? Help!?!?
From: "Dee Dreslough" <dee@xxxxxxxxxxx>
Date: Fri Apr 6 18:49:38 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

>We are having problems trying to get a FormMail.cgi to work
>on the Raq4i.  (We have all the patches from Cobalt's download
>section for the 4i.)  The FormMail is from Matt Script's
>archive, so I guess its pretty much standard.  It won't
>execute and seems to be returning a CGI-wrap error.

It may be a big of a blessing that FormMail won't work for you... (I wonder
if FormMail.cgi is the same as FormMail.pl?)

FormMail has a big security error in it that allows anyone to pass junk mail
through it via your server.  The 'Check Referrer' routine doesn't stop this,
either.

What you should/can do is code in the recipients in the part of the code
that generates the mail, and at any part where the value for 'email' is
assigned.  And, rename the script to something other than FormMail.pl or
FormMail.cgi, so people who've written script-hunting programs won't find
your FormMail and exploit it.

-Dee Dreslough
Raq3 Kinda-Newbie... :)

References:
- [cobalt-users] CGI Wrap Errors? Help!?!?
  - From: Samuel Koh

Prev by Date: [cobalt-users] qpopper errors
Next by Date: [cobalt-users] RaQ - Majordomo Site Admin Bounce Messages
Previous by thread: Re: [cobalt-users] CGI Wrap Errors? Help!?!?
Next by thread: Re: [cobalt-users] CGI Wrap Errors? Help!?!?

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index