yes, the =20 was from the email. it's how some HTML email gets formatted
sometimes. i think it might have something to do with LDAP, but i'm not 100%
sure about that. either way, i don't think it's part of what you should be
concerned about.
-----Original Message-----
From: Priscilla Yamin [mailto:[EMAIL PROTECTED]]
Sent: Friday, May 04, 2001 6:29 AM
To: CF-Server
Subject: Re: viewing source code
Thanks, that explains what happened. I don't know where the =20 came from
in this email??
I thought we had all the latest option packs for NT and Cold Fusion. I will
research this out.
Thanks again.
----- Original Message -----
From: <[EMAIL PROTECTED]>
To: "CF-Server" <[EMAIL PROTECTED]>
Sent: Friday, May 04, 2001 2:46 AM
Subject: RE: viewing source code
>
> Well I don't know anything about the .=20 or so but there is well know IIS
> bug that allows to view the source code (vulnerabilities issues) through
the
> browser. To reproduce the problem append the +.htr to the URL of a CFML
page
> (ex. http://yourdomain/index.cfm+.htr. If you did not apply patch (there
is
> a patch available, check Allaire site) you'll be able to see all CFML code
> of template when viewing HTML source code. If you did not apply the patch
> yet, I would definitely recommend to do so ASAP.
>
> If anybody has exact URL where to download the patch, please post that
here,
> so somebody does not have to waste his/her time on searching for it.
>
>
> Thank you,
>
> Rastislav Toscak
> Senior Applications Developer
> G.Triad
> Tel : 973.428.9600 x7509
> Fax : 973.428.1112
> [EMAIL PROTECTED]
> http://www.gtriad.com
>
>
> -----Original Message-----
> From: Priscilla Yamin [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, May 03, 2001 12:59 PM
> To: CF-Server
> Subject: viewing source code
>
>
> This is a multi-part message in MIME format.
>
> ------=_NextPart_000_0058_01C0D3EA.088CB120
> Content-Type: text/plain;
> charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
>
> Someone sent me an email that said our IIS server has a well known bug =
> that allows people to view the CF source code.=20
>
> Is anyone familiar with this? And is this something to be concerned =
> about?
>
>
>
> ------=_NextPart_000_0058_01C0D3EA.088CB120
> Content-Type: text/html;
> charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
>
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
> <HTML><HEAD>
> <META http-equiv=3DContent-Type content=3D"text/html; =
> charset=3Diso-8859-1">
> <META content=3D"MSHTML 6.00.2462.0" name=3DGENERATOR>
> <STYLE></STYLE>
> </HEAD>
> <BODY bgColor=3D#ffffff>
> <DIV><FONT face=3DArial size=3D2><FONT face=3D"Times New Roman" =
> size=3D3>Someone sent me=20
> an email that said our IIS server has a well known bug that allows =
> people to=20
> view the CF source code. <BR><BR>Is anyone familiar with this? And is =
> this=20
> something to be concerned =
> about?</FONT><BR><BR></FONT></DIV></BODY></HTML>
>
> ------=_NextPart_000_0058_01C0D3EA.088CB120--
>
> --------------------------------------------------------------------------
--
> --
> To unsubscribe, send a message to [EMAIL PROTECTED] with
> 'unsubscribe' in the body or visit the list page at www.houseoffusion.com
>
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
------------------------------------------------------------------------------
To unsubscribe, send a message to [EMAIL PROTECTED] with
'unsubscribe' in the body or visit the list page at www.houseoffusion.com
