
• WARNING security hole was (Re: Simple Email Script)

by merlyn (Sage)
on Mar 07, 2002 at 19:31 UTC


in reply to Simple Email Script

Ow! If you don't know what you're doing, please don't put random CGI scripts up on a net-available server!

In particular, this combination of lines:

    $firstname=param('firstname');
    ...
    print MAIL "From: $from ($firstname)\n";

means that I can pass a newline-embedded string in the firstname parameter, and get a remote spam-sender or denial-of-service annoyer, courtesy of your script.

Please. CGI is not for casual users.

-- Randal L. Schwartz, Perl hacker
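
An added example, not part of the original post or of the script it replies to: one way to keep a CR or LF in the firstname parameter from reaching the From: line is to vet the value before it is printed to the mail handle. The helper names header_safe and from_header, the length limits, the address pattern and the sample inputs are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical helper (not from the original script): returns the value if it
# is safe to interpolate into a single mail header line, otherwise undef.
sub header_safe {
    my ($value, $max_len) = @_;
    $max_len //= 64;                               # assumed limit for a display name
    return unless defined $value;
    return if $value =~ /[\x00-\x1f\x7f]/;         # CR, LF and other control characters
    return if $value =~ /[()\\]/;                  # would break out of the (comment) in From:
    return if length($value) == 0 || length($value) > $max_len;
    return $value;
}

# Build the From: line in the same shape as the quoted script,
# but only from input that passed the checks above.
sub from_header {
    my ($from, $firstname) = @_;
    my $addr = header_safe($from, 254);
    my $name = header_safe($firstname);
    return unless defined $addr && defined $name;
    # Deliberately strict address shape; tighten or loosen to local policy.
    return unless $addr =~ /\A[^\s\@<>,;:]+\@[A-Za-z0-9.-]+\z/;
    return "From: $addr ($name)\n";
}

# Constructed sample inputs: one ordinary name, two carrying embedded line breaks.
my @samples = (
    [ 'user@example.com', 'Alice' ],
    [ 'user@example.com', "Alice\nX-Injected: 1" ],
    [ 'user@example.com', "Alice\r\n\r\nextra body text" ],
);

for my $s (@samples) {
    my $line = from_header(@$s);
    # Make the line breaks visible when echoing the test input.
    (my $shown = $s->[1]) =~ s/([\r\n])/$1 eq "\r" ? '\\r' : '\\n'/ge;
    printf "%-45s => %s\n", "firstname=\"$shown\"",
        defined $line ? "accepted" : "rejected";
}
```

Rejecting the request outright, rather than stripping the line breaks and sending anyway, also leaves a clear signal in the server logs that someone submitted a multi-line value to a single-line field.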
