[Snort-sigs] Documentation: SID 907
ddavidson at ...1674...
Tue Jul 22 15:36:19 EDT 2003
WEB-COLDFUSION 'publish' example app addcontent.cfm access
Attempted to access a vulnerable example application on a Coldfusion 4.x
server. This 'Web Publish Example Script' can be exploited to allow the
attacker to upload an arbitrary file to the server.
Serious: The vulnerability allows custom code to be uploaded to the server.
ColdFusion (Macromedia, formerly Allaire) web servers have several
default Example applications installed that have vulnerabilities. The
'Web Publish Example script' application can be exploited to allow the
uploading of arbitrary files.
See Macromedia Security Bulletin (MPSB01-08) for complete information.
ColdFusion versions 2.x, 3.x, 4.x for Windows
ColdFusion versions 4.x for Solaris, HP-UX
ColdFusion versions 4.5.x for Linux
Expression Evaluator Patch (ASB99-01)
The web application allows file uploading via a URL like this:
Once the file has been uploaded, it can be executed by crafting a 2nd
URL to the uploaded file.
Ease of Attack:
If you're using ColdFusion example code, you'll trigger this alert.
Delete all example code. This is one of several significant
vulnerabilities that are exploitable if the example code is left on a
Documentation - Darryl Davidson <ddavidson at ...1674...>
Macromedia Security Bulletin (MPSB01-08)
More information about the Snort-sigs