Just a heads up.. Spamming exploit

This might not be an issue on your box but you might want to take a quick look and save yourself some headaches.


A very popluar calendar script http://www.calendarscript.com/ has an exploit that we just learned (the hard way) . The version 3.2 and older allows a 3rd party to upload and execute programs via your customers CGI-Bin. Here is more info.
http://www.much2.com/calendarscript/index.html


This is a few weeks old but we just got tagged by it.


Thought I would share just in case.

Robert

 

 

 

 

Top