Re: Is anyone on the list using "formmail" CGI script on their RH Apache implementations?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

At 09:59 AM 1/26/2005, Jason Dixon wrote:

I don't use FormMail.pl. As best I recall, it has had a history of security holes.

I believe the major problem is when you specify the recipient on a hidden form field. This makes a script available for hijacking to send spam from; stealing the webmaster's bandwidth and damaging their reputation. Or worse than that...

Marty


Marty Landman, Face 2 Interface Inc. 845-679-9387
Search & Sort Easily: http://face2interface.com/Products/FormATable.shtml
Web Installed Formmail: http://face2interface.com/formINSTal

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]

  Powered by Linux