ush.it - a beautiful place

FormMail 1.92 Multiple Vulnerabilities

May 12, 2009 at 4:19 am - Filed under Hacks, Language EN - 1928 words, reading time ~6 minutes - Permalink - Comments

Do you remember FormMail? I hope so. It's PERL code belonging to the past, the glorious 1995 Internet era. FromMail is a CGI script used to create contact forms, but not a common one, it's historical with millions of downloads and has a dedicated Wikipedia page (http://en.wikipedia.org/wiki/FormMail). By the way it's still used in both small and big deployments. FromMail development stopped in 1996, with the exception of security updates and the last security issue is from April 19, 2002. Now one could expect a software to be bugfree after 13 years of feature freeze and "stable" status. Well.. this is why we are here : ) Don't expect code execution, just enjoy the reading.

Reed's Alert! Got something burning? Tell USH team.
THP USH Wisec DigitalBullets