Nope. It's a ColdFusion thing as well.
Here's the official Allaire Security bulletins site:
http://www.allaire.com/developer/securityzone/
You may also want to sign up on their mailing list. (the bulletins come out every
few months or so).
---mark
--------------------------------------------------------------
Mark Warrick
Phone: (714) 547-5386
Efax.com Fax: (801) 730-7289
Personal Email: [EMAIL PROTECTED]
Personal URL: http://www.warrick.net
Business Email: [EMAIL PROTECTED]
Business URL: http://www.fusioneers.com
ICQ: 346566
--------------------------------------------------------------
> -----Original Message-----
> From: Peter Theobald [mailto:[EMAIL PROTECTED]]
> Sent: Friday, October 06, 2000 9:40 AM
> To: CF-Talk
> Cc: James Dunham
> Subject: Re: A list of known security holes?
>
>
> I thought +htr was an ASP security bug only?
>
> At 11:30 AM 10/6/00 -0400, Nadir Ait-Laoussine wrote:
> >This message is in MIME format. Since your mail reader does not
> understand
> >this format, some or all of this message may not be legible.
> >
> >------_=_NextPart_001_01C02FAA.59D650C2
> >Content-Type: text/plain;
> > charset="iso-8859-1"
> >
> >Hello all;
> >
> >Does anyone know of a good web site that lists the security
> holes with all
> >the major web servers / CF server / Databases.
> >I recently came across the .+htr hole and am wondering about any other
> >things that should be looked at.
> >
> >Thanks
> >
> >Nadir
> >
> >------_=_NextPart_001_01C02FAA.59D650C2
> >Content-Type: text/html;
> > charset="iso-8859-1"
> >
> ><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
> >Hello all;
> >
> >Does anyone know of a good web site that lists the security
> holes with all the major web servers / CF server / Databases.
> >I recently came across the .+htr hole and am wondering about any
> other things that should be looked at.
> >
> >Thanks
> >
> >Nadir
> >
> >------_=_NextPart_001_01C02FAA.59D650C2--
> >-----------------------------------------------------------------
> -------------
> >Archives: http://www.mail-archive.com/[email protected]/
> >To Unsubscribe visit
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf
_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the
body.
---------------------------------------------------------------------------
Peter Theobald, Chief Technology Officer
LiquidStreaming http://www.liquidstreaming.com
[EMAIL PROTECTED]
Phone 1.212.545.1232 x204 Fax 1.212.545.0938
------------------------------------------------------------------------------
Archives: http://www.mail-archive.com/[email protected]/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
------------------------------------------------------------------------------
Archives: http://www.mail-archive.com/[email protected]/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebarRsts&bodyRsts/cf_talk or send a message
to [EMAIL PROTECTED] with 'unsubscribe' in the body.
