Most Popular Articles
- MobileMe Mail and Gmail Go Down Simultaneously (11 Aug 2008)
- Comparing Apple's MobileMe Contrition with Google and Netflix (19 Aug 2008)
- iPhone Apps That Go Beyond Entertainment (08 Aug 2008)
- Jobs Personally Acknowledges iPhone Bug and Upcoming Fix (19 Aug 2008)
Recent TidBITS Talk Discussions
- Google Chrome (13 messages)
- Firefox 3 Bounds Forward (12 messages)
- Problems with Eudora on OSX 10.5 (Leopard)? (49 messages)
- Cox.net Will Not Send from iPhone (55 messages)
Related Articles
- Web Companion 5.0v4 Plugs FileMaker Holes (15 May 00)
- FileMaker Developer 5 Ships (24 Apr 00)
Other articles in the series FileMaker 5
- Web Companion 5.0v4 Plugs FileMaker Holes (15 May 00)
- FileMaker Pro 5 Released to Controversy (27 Sep 99)
- Brought to You by the Letter T (04 Oct 99)
- FileMaker Pro 5 Unlimited Ships (17 Jan 00)
- FileMaker 5.0v3 Update Available (27 Mar 00)
- FileMaker Developer 5 Ships (24 Apr 00)
Published in TidBITS 529. Subscribe today to receive TidBITS in email every Monday.
- Government Recommends Microsoft Breakup
- Apple Offers Free iMovie Download
- Handspring Releases Palm Desktop 2.6
- AOL 5.0
- Virtual PC 3.0.3 Update Released
- Dartmouth Spins Off Software
- Poll Preview: Collateral Spammage
- Modifying the Macintosh Startup Sequence
- Email Spam: The Bandwagon Plays On, Part 2
| FileMaker 5 Internet Security Holes
by Geoff Duncan 
FileMaker 5 Internet Security Holes -- Blue World Communications has published a FileMaker 5 security alert outlining serious Internet security issues with FileMaker Pro 5 and FileMaker Pro 5 Unlimited's XML publishing and email capabilities. Two exploits enable an interloper to acquire the entire contents of any Web-published database via email or as XML regardless of Web security settings; another enables anyone on the Internet to use FileMaker 5's email capabilities to send arbitrary email messages (a problem sure to delight spammers worldwide). These revelations come a week after FileMaker Inc. published documentation of FileMaker Pro 5's Web publishing capabilities in FileMaker Developer 5, although portions of FileMaker's XML capabilities have been documented on FileMaker's Web site for five weeks. As of this writing, FileMaker has not acknowledged any problems, and the only workarounds currently appear to be disabling FileMaker 5's Web Companion, reverting to FileMaker Pro 4.x (which does not have these security issues, but cannot open FileMaker 5 databases), or using a middleware product like Blue World's Lasso as a gateway for incoming requests. [GD]
<http://www.blueworld.com/blueworld/news/ 05.01.00-FM5_Security.html>
<http://db.tidbits.com/article/05904>
WebCrossing Neighbors Creates Private Social NetworksCreate a complete social network with your company or group's
own look. Scalable, extensible and extremely customizable.
Take a guided tour today <http://www.webcrossing.com/tour>