AOH :: ISNQ6856.HTM

Hackers: 'ColdFusion bug more serious than Adobe says'




Hackers: 'ColdFusion bug more serious than Adobe says'
Hackers: 'ColdFusion bug more serious than Adobe says'



  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.

--1457021584-721047661-1282030013=:6228
Content-Type: TEXT/PLAIN; CHARSET=UTF-8
Content-Transfer-Encoding: QUOTED-PRINTABLE
Content-ID:  

http://www.theregister.co.uk/2010/08/16/adobe_coldfusion_vuln/ 

By Dan Goodin in San Francisco 
The Register
16th August 2010 

A recently patched vulnerability in Adobe's ColdFusion application 
server may be more serious than previously thought following the public 
release of exploit code and blog posts claiming it can be used to take 
full control of systems running the software.

In a bulletin published last week, Adobe rated the directory traversal 
vulnerability =E2=80=9Cimportant,=E2=80=9D the third-highest classification on its 
four-tier severity scale. =E2=80=9CThis directory traversal vulnerability could 
lead to information disclosure,=E2=80=9D the company warned. The flaw affects 
version 9.0.1 and earlier of ColdFusion for machines running Windows, 
Mac OS X, and Unix operating systems.

But at least two researchers have said the security bug should have been 
rated critical because it allows attackers to seize control of servers. 
What's more, they said attackers can employ simple web searches to find 
administrators who have carelessly exposed ColdFusion files that make 
the attacks much easier to carry out.

=E2=80=9CThis attack can lead to a full system compromise, so let's make sure 
we're clear,=E2=80=9D HP researcher Rafal Los wrote here. =E2=80=9CIt's not just that 
you can poke around the system files of the machine you've attacked 
(which is highly likely a MS Windows server); it's also the ability to 
upload scripts that can compromise the system or even poke around the 
database natively if the security is really that bad.=E2=80=9D

[...]


--1457021584-721047661-1282030013=:6228
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
Visit InfoSec News!
http://www.infosecnews.org/ 


--1457021584-721047661-1282030013=:6228--

Site design & layout copyright © 1986-2014 CodeGods