If you are still being affected by the attack, then you still have one or 
more vulnerable queries somewhere with access to that database.

Did you use a code scanner like QueryParam Scanner from RiaForge to search 
the ENTIRE code base for missing cfqueryparams?

Also, find out the user your ColdFusion data sources use to access the 
database.  Revoke select permissions on sysobjects and syscolumns from that 
user.  This will cause an error to occur when the attack hits a vulnerable 
query.  (Run a test to confirm this.)  Do you have a site-wide error handler 
that e-mails you when errors occur?  This will tip you off to where the 
hackers are gaining entry.

~Brad

----- Original Message ----- 
From: "Bo Reahard" <[EMAIL PROTECTED]>
  How does it defeat the cfquery param tags that are now in all my queries?
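
Added example, not part of the original thread and not the code of the RiaForge QueryParam Scanner: a minimal Python sketch of the check such a scanner performs, flagging every `#...#` expression that is inlined into the SQL text of a `<cfquery>` instead of being bound through `<cfqueryparam>`. The function name and the sample CFML are constructed for illustration, and the tag matching assumes no `>` character appears inside tag attributes.

```python
import re
import sys

# Each <cfquery ...> ... </cfquery> block; \b keeps <cfqueryparam> from matching.
CFQUERY_RE = re.compile(r"<cfquery\b[^>]*>(.*?)</cfquery\s*>", re.I | re.S)
# Variables inside a <cfqueryparam> tag are bound parameters, not inlined SQL.
CFQUERYPARAM_RE = re.compile(r"<cfqueryparam\b[^>]*>", re.I)
CFCOMMENT_RE = re.compile(r"<!---.*?--->", re.S)
# A #expression# interpolation on one line.
INTERP_RE = re.compile(r"#([^#\r\n]+)#")

def _blank(match):
    # Replace with spaces but keep newlines, so offsets and line numbers hold.
    return re.sub(r"[^\n]", " ", match.group(0))

def find_unparameterized(source):
    """Return (line, expression) for each #...# inlined into cfquery SQL."""
    findings = []
    for query in CFQUERY_RE.finditer(source):
        body = CFCOMMENT_RE.sub(_blank, query.group(1))
        body = CFQUERYPARAM_RE.sub(_blank, body)
        body = body.replace("##", "  ")  # "##" is an escaped literal pound sign
        for hit in INTERP_RE.finditer(body):
            offset = query.start(1) + hit.start()
            line = source.count("\n", 0, offset) + 1
            findings.append((line, hit.group(1).strip()))
    return findings

# Constructed sample: the first query is parameterized, the second is not.
SAMPLE = '''<cfquery name="getUser" datasource="#application.dsn#">
  SELECT id, name FROM users
  WHERE id = <cfqueryparam value="#url.id#" cfsqltype="cf_sql_integer">
</cfquery>
<cfquery name="getNews" datasource="#application.dsn#">
  SELECT title FROM news
  WHERE category = '#url.cat#'
  ORDER BY #form.sort#
</cfquery>
'''

if __name__ == "__main__":
    # Scan the files named on the command line, or the sample if none given.
    for path in sys.argv[1:] or [None]:
        text = open(path, encoding="utf-8", errors="replace").read() if path else SAMPLE
        for line, expr in find_unparameterized(text):
            print(f"{path or '<sample>'}:{line}: unbound #{expr}# in cfquery")
```

Expressions such as the `ORDER BY` column cannot be bound with `cfqueryparam`, so a hit there means the value needs allow-list validation rather than a parameter.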


Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:309551