Yes.
/charlie
From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Ajas Mohammed
Sent: Thursday, April 11, 2013 2:51 PM
To: discussion@acfug.org
Subject: Re: [ACFUG Discuss] Re: New CF Vulnerability - Check your servers
Thanks Cameron.
There were 2 more hotfixes
Thanks Cameron.
There were 2 more hotfixes released after this for CF 9.0 (in our
case).Looks like hotfix 3 includes 2 as well. So, if someone doesnt apply
hf2, He can use hf3 and be up to date right(with hf2 included). I am I
correct in this assumption? Can someone confirm please?
hf 2 --
One more post about this exploit to remind (scare you into) applying the
hotfix.
http://breenmachine.blogspot.com/2013/03/cool-coldfusion-post-exploitation.html
-Cameron
On Thu, Jan 3, 2013 at 8:50 AM, Cameron Childress camer...@gmail.comwrote:
FYI - worth reading up on this.