Announcement

Collapse
No announcement yet.

formmail - Verio advisory

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    formmail - Verio advisory

    Seen today at Verio ............

    Verio requires that web hosting customers remove any & all of the third p arty feedback scripts with naming convention of formmail.* -- regardless of lettering case or extension -- from their web sites immediately. Some examples are: formmail.pl, formmail.php, FormMail.php3, etc. These scripts are exploitable and your account could be or may have already been used as a gateway to send spam to thousands of Internet e-mail addresses without your knowledge.
    Stephen Thomas [Mosaici] - "Life is too short to waste on weak thermals"

    #2
    This would only apply to those where the email address that replies are being sent to isn't hardcoded into the script.

    I'm fairly confident that actinics form script cannot be used to send spam, other than possibly spam to the website owner.

    Mike
    -----------------------------------------

    First Tackle - Fly Fishing and Game Angling

    -----------------------------------------

    Comment


      #3
      the script from here

      http://nms-cgi.sourceforge.net/scripts.shtml

      hides emsil in the cgi so is secure from spammers

      Comment

      Working...
      X