Anyone use ScanAlert.com's HackerSafe product? They scan your website to look for security vulnerabilities and let you know when they find any. Well there's something called a Server Side Include Injection vulnerability which apparently can sometimes allow a hacker to access data and services they shouldn't, but even if they fail at that it is still considered a vulnerability to expose to a hacker the files and paths and error messages that may be generated.
So today I got an alert from ScanAlert telling me that a site I manage has a vulnerability when this code is passed after the domain/ :

    '+serverRootUrl+'/s7ondemand/misc/email2friend.jsp

ColdFusion sees this in its PATH_INFO, but I have been unable to capture the information to deal with it appropriately (normally I'd just redirect to the homepage and show no error message) with code like CFIF CGI.PATH_INFO CONTAINS "serverRootUrl". But even though it's in the PATH_INFO it's not recognized for some reason, so I haven't been able to find a way to stop the License Exception error that gets thrown and displays all kinds of data to potential hackers.

I thought it would be interesting to show how the same vulnerability can be exposed on some of the websites referenced on this list lately, and see if anyone has a good solution to not showing so much information about the errors generated to hackers.

1) Dave Watts is always on top of things. Dave, how should you deal with this?
http://www.figleaf.com/'+serverRootUrl+'/s7ondemand/misc/email2friend.jsp

2) The same error style can be seen at
http://fusion.dominicwatson.co.uk/'+serverRootUrl+'/s7ondemand/misc/email2friend.jsp
and
http://flexcf.com/'+serverRootUrl+'/s7ondemand/misc/email2friend.jsp
and
http://learncf.com/'+serverRootUrl+'/s7ondemand/misc/email2friend.jsp

Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:305091
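The two defensive levers the post is asking about, shown as an added example that is not code from the original post or from any of the sites it links: an Application.cfc whose onRequestStart rejects requests whose raw URI or CGI.PATH_INFO carries the scanner's marker, and an onError handler that logs the exception server-side and returns a generic page instead of ColdFusion's default detailed error output. The application name, log file names and the rejection pattern are assumptions chosen for illustration. It also assumes the request actually reaches ColdFusion's application lifecycle; if the License Exception is raised before Application.cfc runs (which the failing CONTAINS check described above suggests may be the case), this code never sees the request and the fix has to come from the server-level settings instead.

```cfml
<!--- Application.cfc (added example, not from the original post) --->
<cfcomponent output="false">
    <cfset this.name = "exampleApp">   <!--- assumed application name --->

    <cffunction name="onRequestStart" returntype="boolean" output="false">
        <cfargument name="targetPage" type="string" required="true">
        <!--- Look at the raw servlet URI as well as the CGI scope, since the
              marker may survive in one but not the other. --->
        <cfset var rawUri = getPageContext().getRequest().getRequestURI()>
        <cfset var probe  = rawUri & " " & CGI.PATH_INFO & " " & CGI.SCRIPT_NAME>

        <!--- Assumed pattern: the scanner's marker, or a quote followed by a
              plus sign, never appears in a legitimate path on this site. --->
        <cfif reFindNoCase("serverRootUrl|'\+", probe)>
            <cflog file="pathprobe" text="Rejected request path: #rawUri#">
            <!--- Redirect to the homepage and stop; no error page is rendered. --->
            <cflocation url="/" addtoken="false" statuscode="302">
        </cfif>
        <cfreturn true>
    </cffunction>

    <cffunction name="onError" returntype="void" output="true">
        <cfargument name="exception" required="true">
        <cfargument name="eventName" type="string" required="true">
        <!--- Keep the detail (type, message, template path) in the server log
              only; the client gets a generic response. --->
        <cflog file="apperror"
               text="#arguments.eventName#: #arguments.exception.message#">
        <cfheader statuscode="500" statustext="Server Error">
        <cfoutput>An error occurred. The problem has been logged.</cfoutput>
    </cffunction>
</cfcomponent>
```

For exceptions that occur outside the application lifecycle, the relevant settings live in the ColdFusion Administrator: the Site-wide Error Handler (Server Settings > Settings) lets you point every unhandled error at a template like the onError output above, and unchecking "Enable Robust Exception Information" (Debugging & Logging > Debug Output Settings) removes the template paths, stack traces and SQL from whatever error page is still shown. Neither setting is a substitute for finding out where the License Exception is actually raised, but both limit what a scanner's probe can learn in the meantime.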

