Re: [cobalt-users] [RaQ3]Formmail widely server security
- Subject: Re: [cobalt-users] [RaQ3]Formmail widely server security
- From: flash22@xxxxxxx
- Date: Sun Feb 3 15:39:12 2002
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
On Sun, 3 Feb 2002, Jeff Lasman wrote:
>
> The problem of course is that our customers can run CGI, and they will.
> And they'll find FormMail. Usually an old version <frown>. We now only
> allow FormMail.pl v.1.9s on our systems, but it's not easy to enforce
I talked with someone the other day who did a sneaky trick: he aliased
'formmail.pl' to an error document server-wide, so people installing it 'as
is' couldn't execute it. The users who are inclined to install 3-year-old
versions generally don't realize they can simply rename it, and it also
quenches some of the tools that search for exploitable formmails...
[e.g., he requires them to name it something else, like 'feedback.pl']
It's a somewhat odd solution, but I thought it was kind of clever.
gsh
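
Added example (not part of the original thread, and not code from either poster): because a name-based block stops applying once a script is renamed, an administrator can audit customer web roots by content instead and flag every FormMail copy that is not the allowed v1.9s. The banner pattern, the directory layout and the sample files are assumptions constructed for this illustration.

```python
import os
import re
import tempfile

ALLOWED_VERSION = "1.9s"  # the only version the quoted poster allows
# Assumption: the script keeps a header comment such as "FormMail  Version 1.6".
BANNER = re.compile(rb"FormMail\s+Version\s+([0-9][\w.]*)", re.IGNORECASE)
SCRIPT_EXTS = (".pl", ".cgi")


def audit_webroot(root, allowed=ALLOWED_VERSION):
    """Return sorted (relative_path, version) pairs for FormMail copies that
    are not the allowed version, whatever the file has been named."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(SCRIPT_EXTS):
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    head = fh.read(4096)  # the banner sits at the top of the file
            except OSError:
                continue  # unreadable file: skip it rather than abort the audit
            match = BANNER.search(head)
            if match is None:
                continue  # not a FormMail copy
            version = match.group(1).decode("ascii", "replace")
            if version != allowed:
                findings.append((os.path.relpath(path, root), version))
    return sorted(findings)


def demo():
    """Build a constructed sample tree of three customer sites and audit it."""
    samples = {
        "site1/cgi-bin/formmail.pl": "#!/usr/bin/perl\n# FormMail  Version 1.6\n",
        "site2/cgi-bin/feedback.pl": "#!/usr/bin/perl\n# FormMail  Version 1.6\n",
        "site3/cgi-bin/contact.cgi": "#!/usr/bin/perl\n# FormMail  Version 1.9s\n",
        "site3/cgi-bin/counter.pl": "#!/usr/bin/perl\nprint 'hits';\n",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, body in samples.items():
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as fh:
                fh.write(body)
        return audit_webroot(root)


if __name__ == "__main__":
    for rel_path, version in demo():
        print(f"{rel_path}: FormMail {version} (allowed: {ALLOWED_VERSION})")
```

The renamed copy under site2 is reported alongside the one that kept its original name, while the allowed 1.9s copy and the unrelated script are left alone.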