what cfmx context are you talking about?
....tony
r e v o l u t i o n w e b d e s i g n
[EMAIL PROTECTED]
www.revolutionwebdesign.com
its only looks good to those who can see bad as well
-anonymous
-----Original Message-----
From: Richard Crawford [mailto:[EMAIL PROTECTED]
Sent: Monday, February 09, 2004 12:28 PM
To: CF-Talk
Subject: Security Issue?
We've discovered that if go to our website, and remove the "cfmx"
context root from the URL, you can see the Cold Fusion code behind the
website.
I'm guessing that this is probably due to a configuration error
somewhere in our system. I'm not sure how much of a security risk this
is since we send no information in the clear and all of our database
interactions are done through stored procedures, but it's still
obviously something I'd like to take care of.
We're using
Cold Fuxion MX (pre 6.1, but with latest patches applied)
JRun 4 (latest patches applied)
Apache 2.0.44
Solaris 9
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
