Every so often I get an email back from someone who ran HackMyCF.com saying something like this:

Your scanner says our ColdFusion Administrator is publicly accessible, but I don't think that's true.

I've just finished updating the HackMyCF.com ColdFusion security scanner to detect the BlaseDS Vulnerability APSB10-05 announced in February 2010. As you hopefully know, this vulnerability also effects ColdFusion 7-9, because it has BlaseDS installed by default.

Here are some easy ways you can tell if a particular site is serious about security: