I would say that most folks running their own web server with no previous expereince usually do leave great big holes. running every site under the default iis user not removing everyone group from drives not sandboxing coldfusion these things can allow code in any sites to read/read to any other site, including the default website where the cfide lives.
On Thu, Feb 23, 2012 at 4:50 AM, Tony <[email protected]> wrote: > > I didnt, was in a meeting, fwd'd all msgs to him and didn't go back and > read... but it wouldn't hurt to read myself :) > > On Wednesday, February 22, 2012, Dave Watts wrote: > > > > > > any idea how they were able to get the file that ran into the cfide > > > directory? and what might prevent that part? > > > that's the most haunting part to him. i said it was probably a > > > windows exploit first... not sure tho. > > > > Did you read my initial response? It describes the likely > > possibilities for writing a file. > > > > It probably wasn't a Windows exploit actually, unless you happen to be > > running Windows 2000 or something. IIS and Windows are fairly secure > > "out of the box" and don't have remote exploits that let you write > > files via HTTP requests, unless you enable WebDAV. > > > > Dave Watts, CTO, Fig Leaf Software > > http://www.figleaf.com/ > > http://training.figleaf.com/ > > > > Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on > > GSA Schedule, and provides the highest caliber vendor-authorized > > instruction at our training centers, online, or onsite > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:350065 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
