[Snort-sigs] Documentation: SID 908
ddavidson at ...1674...
Tue Jul 22 16:12:06 EDT 2003
WEB-COLDFUSION administrator access
An attempt was made to access the administrator screens of a ColdFusion server. A
long password submitted to this login can cause a Denial-of-Service.
Medium: While the risk of the login being a target for password-guessing attacks is minor, the
administrator login mechanism can be jammed by long passwords, leading
to a Denial-of-Service for the server.
ColdFusion's administrator interface is reachable via:
It is recommended that access to these pages be restricted to trusted
IP addresses so that they are not targets for password attacks.
Further, long passwords create a Denial-of-Service state in the server.
See Macromedia Security Bulletin (MPSB01-08) for complete information.
ColdFusion versions 4.x for Windows, Solaris, HP-UX, Linux
Ease of Attack:
At minimum, restrict access to the administrator mechanism from within
the ColdFusion administrator screens. Only internal, trusted users
should be allowed access. For further protection, use the security
capabilities of the web server or the OS to restrict access to the
CFIDE/administrator directory when it is not needed, or copy the
CFIDE/administrator directory off the server and remove it when not in use
(it will be necessary to restore the directory before accessing admin
functions, of course).
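The following is an added example, not part of the original post or of the Snort rule itself: it applies the two controls described above to constructed web-server log lines and login submissions, flagging requests for the CFIDE/administrator directory that do not come from a trusted network and rejecting over-long password fields before they reach the server. The log format, the trusted CIDR list, the "password" form field name and the 64-character limit are all assumptions made for the example.

```python
import ipaddress
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample access-log lines in common log format (not from the original post).
SAMPLE_LOG = """\
10.0.0.5 - - [22/Jul/2003:16:12:06 -0400] "GET /CFIDE/administrator/index.cfm HTTP/1.0" 200 512
203.0.113.7 - - [22/Jul/2003:16:12:09 -0400] "POST /cfide/administrator/index.cfm HTTP/1.0" 200 512
203.0.113.9 - - [22/Jul/2003:16:12:11 -0400] "GET /index.cfm?page=home HTTP/1.0" 200 2048
198.51.100.2 - - [22/Jul/2003:16:12:15 -0400] "GET /cfide/ADMINISTRATOR/login.cfm HTTP/1.0" 404 128
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<uri>\S+) [^"]*" (?P<status>\d{3})'
)

# Directory named in the corrective action; compared case-insensitively because the
# Windows/IIS filesystem is case-insensitive (assumption: decode the path first).
ADMIN_PATH = "/cfide/administrator/"
MAX_PASSWORD_LEN = 64  # assumed local limit; the bulletin gives no threshold


def is_admin_request(uri: str) -> bool:
    """True when the URL-decoded request path lies under CFIDE/administrator."""
    path = unquote(urlsplit(uri).path).lower()
    return ADMIN_PATH in path


def triage(log_text: str, trusted_cidrs):
    """Return (ip, uri, status) for each admin-interface request from outside trusted networks."""
    trusted = [ipaddress.ip_network(c) for c in trusted_cidrs]
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or not is_admin_request(m["uri"]):
            continue
        src = ipaddress.ip_address(m["ip"])
        if any(src in net for net in trusted):
            continue  # trusted source: expected administrator activity
        hits.append((m["ip"], m["uri"], int(m["status"])))
    return hits


def password_within_limit(form_body: str, limit: int = MAX_PASSWORD_LEN) -> bool:
    """Reject login submissions whose password field exceeds the limit before forwarding them."""
    fields = parse_qs(form_body, keep_blank_values=True)
    return all(len(v) <= limit for v in fields.get("password", []))


if __name__ == "__main__":
    for hit in triage(SAMPLE_LOG, ["10.0.0.0/8"]):
        print("untrusted admin access:", hit)
```

Requests from 10.0.0.0/8 are suppressed as expected administrator traffic; the two remaining hits are the ones a reviewer should look at, and the 404 from 198.51.100.2 shows the check fires on the path alone, not on a successful login.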
Documentation - Darryl Davidson <ddavidson at ...1674...>
Allaire Security Bulletin (ASB00-14)