ZDNet Names 'ColdFusion Exploit' and RDS Hole Number 1 Security Problems of 1999
To compound this, ZDNet called the hole a vulnerability in Allaire's ColdFusion Server (rather than explaining that the problem was in the placement of the Allaire documentation). This gives a false impression that Allaire's systems have an innate vulnerability.
The ColdFusion Exploit was not, in our humble opinion, the scourge that the ZDNet article makes it out to be. Think of the thousands upon thousands of computers affected by Melissa. ZDNet lists the number of sites affected by the ColdFusion Exploit as "more than 100." These numbers can hardly compare.
According to Michael Dinowitz, "Anyone can go to any hacker site and find every site that was hacked using the ColdFusion hole. I doubt they'll find more than a couple of dozen. Not the 'more than 100' quoted by ZDNet. I truly believe that the news of this exploit has been exploited by others."
ZDNet Article (http://www.zdnet.com/zdnn/stories/news/0,4586,2413514,00.html)
Latest ColdFusion Talk (CF-Talk)
- How to prevent cfhtmlhead content from being inserted into cfmail
- Question for UK List Members
- Excel 2003/2007 Recalculating Interaction
- Coldfusion Hosting
- query of query strange error
- Problems verifying integers
- CFHIGHCHARTS
- Need to get at browser size and Flash support
- CFHTTP in Distributed Mode
- Access laptop from iPad
Latest ColdFusion Jobs (CF-Jobs)
- Contract to Hire in Irvine, CA
- Telecommute Contract Position - Mid to Experienced ColdFusion Programmers Only
- Need a Coldfusion Developer at Woodlawn MD for a Long Term Contract
- (JOB) ColdFusion Programmer Needed (Ocean Isle Beach, NC) Raleigh,NC
- Cold Fusion SQL Server and JavaScript Developer
- (JOB) ColdFusion Programmer Needed (Ocean Isle Beach,NC) Wilmington,NC
- *** Professional Services Available For Hire
- (2) ColdFusion Experts to support FAA Senior Executives
- (JOB) ColdFusion Developer in Florida!!!
- (JOB) ColdFusion Programmer (Denver)
