This would confirm which patches are missing: http://www.hackmycf.com/

--
Shu Ha Ri: Agile and .NET blog
http://www.bifrost.com.au/

On 24 February 2012 02:46, Pete Freitag <p...@foundeo.com> wrote:
>
> On Wed, Feb 22, 2012 at 7:55 PM, Ras Tafari <rastaf...@gmail.com> wrote:
>
> > any idea how they were able to get the file that ran into the cfide
> > directory? and what might prevent that part?
> > that's the most haunting part to him. I said it was probably a
> > Windows exploit first... not sure tho.
> >
>
> If they are running CF8 without security hotfixes then there is a really
> good chance that it was the FCKeditor vulnerability:
> http://www.adobe.com/support/security/bulletins/apsb09-09.html
>
> But there are also so many other ways they could have done it. The
> bottom line is you want to make sure you have all security hotfixes in
> place, and then make sure everything is running with the least possible
> privilege. Otherwise it's pretty easy to take control of your server!
>
> --
> Pete Freitag - Adobe Community Professional
> http://foundeo.com/ - ColdFusion Consulting & Products
> http://petefreitag.com/ - My Blog
> http://hackmycf.com - Is your ColdFusion Server Secure?