[thelist] CF Freebie

Frank framar at interlog.com
Mon Dec 18 22:48:47 CST 2000

>  As a side note to this, everyone who runs IIS and CF (or
>  ASP) should check to make sure they are not vulnerable
>  to the ::$DATA or +.htr hack. To check, go to any CF
>  page (or ASP), like www.myserver.com/foo.cfm, and add
>  ::$DATA or +.htr to the end of the URL. If the CF(ASP)
>  source code shows up, your vulnerable.

Is there are central repository of this sort of thing, with the known fixes?

Frank Marion                      Loofah Communications
frank at loofahcom.com               http://www.loofahcom.com

More information about the thelist mailing list