LPM: security problems with formmail.pl
Matt Cashner
sungo at qx.net
Tue Mar 20 08:50:28 CST 2001
On Tue, 20 Mar 2001, David Pitts wrote:
> All,
> As part of a security list, I received the following concerning Matt
> Wright's formmail.pl program. Obviously, you want to make sure you are not
> using formmail.pl, but also, that you are not doing the same thing yourself.
actually this hole and many others like it have been known for eons in Matt
Wright's code. Wright even knows about them, admits them, and refuses to
fix them. the real question is: why are you (general you, not anyone in
specific) still using Matt Wright's b0rk3n perl4 code?
--------
Matt Cashner
Web Applications Developer
The Creative Group (http://www.cre8tivegroup.com)
eek at eekeek.org | Codito, ergo sum
More information about the Lexington-pm
mailing list