Help with cgi script attack

Jeff Ratliff jefrat at fuse.net
Sun Mar 19 01:06:07 UTC 2006


On Fri, Mar 17, 2006 at 10:36:22PM -0800, Knute Johnson wrote:
> I need some help finding the correct place to go to get specific 
> help. We have a script that uses sendmail to send form data to the 
> site owner. Last night somebody managed to use it to send thousands 
> of spam emails.  I need to find the right place to ask about the 
> script to determine exactly how the attack was accomplished so we can 
> fix the script.  Any direction would be greatly appreciated.
> 
As others have said, it depends on the language. CGI that accepts input and
does something with it (especially mail) is easy to exploit. 

Here is a site that has some specifics:

<http://www.w3.org/Security/Faq/www-security-faq.html>

It's a general FAQ on security on the web, but it has good info on CGI. If
you're using Perl, check out "taint mode," which keeps scripts from using
insecure variables. Try 'perldoc perlsec' for more info. 
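
A sketch of the taint-mode approach the reply points to, added here as an example and not code from the thread: form values are trusted only after an allow-list regex match, the recipient is fixed, and sendmail is started without a shell. The sendmail path, recipient address, form field names and helper names are assumptions.

```perl
#!/usr/bin/perl -T
# Added example (not the poster's script). Run as CGI or with: perl -T thisfile.pl
use strict;
use warnings;

# Taint mode will not run external programs until PATH is set explicitly.
$ENV{PATH} = '/usr/sbin:/usr/bin:/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

my $SENDMAIL   = '/usr/sbin/sendmail';   # assumed path
my $SITE_OWNER = 'owner@example.com';    # hypothetical; fixed, never taken from the form

# Untaint by allow-list match: only the captured text ($1) is trusted.
# \A...\z anchors reject a trailing newline that $ would let through.
sub clean_address {
    my ($raw) = @_;
    return unless defined $raw;
    return $raw =~ /\A([A-Za-z0-9._%+-]{1,64}\@[A-Za-z0-9.-]{1,255})\z/ ? $1 : undef;
}

# Header text must be a single line: no CR, LF or NUL, and bounded length.
sub clean_header_text {
    my ($raw) = @_;
    return unless defined $raw;
    return $raw =~ /\A([^\r\n\0]{1,200})\z/ ? $1 : undef;
}

# Sends one message to the fixed recipient; returns a status string.
sub send_form {
    my (%form) = @_;
    my $from    = clean_address($form{email});
    my $subject = clean_header_text($form{subject});
    return 'rejected' unless defined($from) && defined($subject);
    my $body = defined $form{message} ? $form{message} : '';
    # List-form pipe open: no shell ever parses the arguments.
    open(my $mail, '|-', $SENDMAIL, '-oi', $SITE_OWNER) or return "error: $!";
    print {$mail} "To: $SITE_OWNER\nReply-To: $from\nSubject: $subject\n\n$body\n";
    close($mail) or return "error: sendmail exit $?";
    return 'sent';
}

# Constructed sample inputs; only validation runs here, no mail is sent.
my @samples = (
    [ 'visitor@example.org',               'Question about your site' ],
    [ "visitor\@example.org\nextra line",  'ok' ],
    [ 'visitor@example.org',               "two\nlines" ],
);
for my $s (@samples) {
    my $ok = defined(clean_address($s->[0])) && defined(clean_header_text($s->[1]));
    print $ok ? "accept\n" : "reject\n";   # accept, reject, reject
}
```

Taint mode only stops tainted data from reaching commands, file names and similar operations; it does not inspect text written to the sendmail pipe, so the single-line header checks remain the script's own responsibility.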



