Bugtraq mailing list archives
Re: New Allaire Security Zone Bulletins and KB Article
From: lvhc () URBAN-A NET (x-empt [ lvhc / lou ])
Date: Thu, 29 Jul 1999 23:24:36 -0700
Read on...
ASB99-10: Addressing Potential Security Issues with Undocumented CFML Tags and Functions Used in the ColdFusion Administrator
By not documenting tags (and the weak encryption scheme of CFML), Allaire is starting to become like Microsoft, believing in security through obscurity. One has to question security through obscurity once again. This is the SECOND major problem from Allaire in recent months that is partially attributed to security through obscurity. (The first being the "encryption" of CFML pages). x-empt
Current thread:
- Re: New Allaire Security Zone Bulletins and KB Article x-empt [ lvhc / lou ] (Jul 29)
- <Possible follow-ups>
- Re: New Allaire Security Zone Bulletins and KB Article Matt Chapman (Jul 30)