Results 1 to 3 of 3
  1. #1
    Join Date
    Jul 2002

    Question Buggy Version of Formmail ??

    Hello Every one,

    a client of mine is using a formmail from NMS called nms-formmail ver. Formmail Version 1.00 (cvs v1.87)

    Could any one tell me whether this version contains the infamous exploit , and also list all the versions that contain the exploit and which one is secure to use.


  2. #2
    Join Date
    Apr 2002
    I have heard that the NMS formmail is secure. We use it as a replacement to Matt's FormMail script on our servers, and we haven't seen any spam being sent from that script. Matt FormMail script seemed to always have exploits, but they may have been just because it was popular so everyone looked for exploits. If NMS becomes popular, I'm sure some exploits will eventually be found.

    As for Matt's FormMail script. I believe the latest version is 1.92. This version should fix all the previous exploits.

  3. #3
    Join Date
    Jul 2001
    Toronto, ON.
    i haven't used it myself, but have heard good things about nms. this is what matt has to say about nms.

    While the free code found at my web site has not evolved much in recent years, the general programming practices and standards of CGI programs have. nms is an attempt by very active programmers in the Perl community to bring the quality of code for these types of programs up to date and eliminate some of the bad programming practices and bugs found in the existing Matt's Script Archive code.
    I would highly recommend downloading the nms versions if you wish to learn CGI programming. The code you find at Matt's Script Archive is not representative of how even I would code these days.

    i've seen so many form mailers get exploited ... so using nms would most likely be a good idea.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts