yes, the =20 was from the email. it's how some HTML email gets formatted sometimes. i think it might have something to do with LDAP, but i'm not 100% sure about that. either way, i don't think it's part of what you should be concerned about.
-----Original Message----- From: Priscilla Yamin [mailto:pyamin@valencia.cc.fl.us] Sent: Friday, May 04, 2001 6:29 AM To: CF-Server Subject: Re: viewing source code
Thanks, that explains what happened. I don't know where the =20 came from in this email?? I thought we had all the latest option packs for NT and Cold Fusion. I will research this out. Thanks again.
----- Original Message ----- From: <rastislavt@gtriad.com> To: "CF-Server" <cf-server@houseoffusion.com> Sent: Friday, May 04, 2001 2:46 AM Subject: RE: viewing source code
> > Well I don't know anything about the .=20 or so but there is well know IIS > bug that allows to view the source code (vulnerabilities issues) through the > browser. To reproduce the problem append the +.htr to the URL of a CFML page > (ex. http://yourdomain/index.cfm+.htr. If you did not apply patch (there is > a patch available, check Allaire site) you'll be able to see all CFML code > of template when viewing HTML source code. If you did not apply the patch > yet, I would definitely recommend to do so ASAP. > > If anybody has exact URL where to download the patch, please post that here, > so somebody does not have to waste his/her time on searching for it. > > > Thank you, > > Rastislav Toscak > Senior Applications Developer > G.Triad > Tel : 973.428.9600 x7509 > Fax : 973.428.1112 > rastislavt@gtriad.com > http://www.gtriad.com > > > -----Original Message----- > From: Priscilla Yamin [mailto:pyamin@valencia.cc.fl.us] > Sent: Thursday, May 03, 2001 12:59 PM > To: CF-Server > Subject: viewing source code > > > This is a multi-part message in MIME format. > > ------=_NextPart_000_0058_01C0D3EA.088CB120 > Content-Type: text/plain; > charset="iso-8859-1" > Content-Transfer-Encoding: quoted-printable > > Someone sent me an email that said our IIS server has a well known bug = > that allows people to view the CF source code.=20 > > Is anyone familiar with this? And is this something to be concerned = > about? > > > > ------=_NextPart_000_0058_01C0D3EA.088CB120 > Content-Type: text/html; > charset="iso-8859-1" > Content-Transfer-Encoding: quoted-printable > > <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> > <HTML><HEAD> > <META http-equiv=3DContent-Type content=3D"text/html; = > charset=3Diso-8859-1"> > <META content=3D"MSHTML 6.00.2462.0" name=3DGENERATOR> > <STYLE></STYLE> > </HEAD> > <BODY bgColor=3D#ffffff> > <DIV><FONT face=3DArial size=3D2><FONT face=3D"Times New Roman" = > size=3D3>Someone sent me=20 > an email that said our IIS server has a well known bug that allows = > people to=20 > view the CF source code. <BR><BR>Is anyone familiar with this? And is = > this=20 > something to be concerned = > about?</FONT><BR><BR></FONT></DIV></BODY></HTML> > > ------=_NextPart_000_0058_01C0D3EA.088CB120-- > > -------------------------------------------------------------------------- -- > -- > To unsubscribe, send a message to cf-server-request@houseoffusion.com with > 'unsubscribe' in the body or visit the list page at www.houseoffusion.com > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm ------------------------------------------------------------------------------ To unsubscribe, send a message to cf-server-request@houseoffusion.com with 'unsubscribe' in the body or visit the list page at www.houseoffusion.com
CF-Server
Dylan Bromby