http://docs.securesites.com/en_help/formmail_security_problems.htm
------------------------ FormMail is a special script designed to allow you to send email messages based on the input from an HTML form on your Web site. The original FormMail script was first made available at Matt's Script Archive. If you are using this version on any of your html pages, you are vulnerable to a number of significant security holes that allow malicious users to relay messages through the server. ------------------------ Much more at the URL listed above. Noteworthy: this article only mentions that the original version had vulnerabilities.... So maybe the most recent version has been plugged? Further looking turned up this: http://www.psoft.net/HSdocumentation/sysadmin/adding_cgi_scripts.html ---------------------- upgrade to the newest version (1.92) to eliminate security holes in the previous versions ---------------------- HTH, Casey ____ � The WDVL Discussion List from WDVL.COM � ____ To Join wdvltalk, Send An Email To: mailto:[EMAIL PROTECTED] Send Your Posts To: [EMAIL PROTECTED] To change subscription settings to the wdvltalk digest version: http://wdvl.internet.com/WDVL/Forum/#sub ________________ http://www.wdvl.com _______________________ You are currently subscribed to wdvltalk as: [email protected] To unsubscribe send a blank email to [EMAIL PROTECTED]
