GEN:SID | 1:918 |
Message | WEB-COLDFUSION expeval access |
Summary | This even indicates an attempt to exploit undocumented CFML tags on a Allaire ColdFusion Server |
Impact | Extensive server data retrieval including settings and passwords |
Detailed Information | Undocumented CFML tags allow reading and decryption of sensitive data contained on servers running Allaire ColdFusion Server 2.0 - 4.0.1. This data can be accesses by constructing a hosted application that accesses these undocumented tags with the possibility of changing values on the server and reading admin and studio passwords |
Affected Systems | Allaire ColdFusion Server 2.0 - 4.0.1 |
Attack Scenarios | A user with permission to create pages on the server installs an application that accesses the undocumented CFML tags, accessing this application would allow viewing and possible modifications of these settings |
Ease of Attack | Medium, Attackers need the ability to add files to the server. No "In the Wild" exploits were available at type of writing |
Corrective Action | Patches are available from Allaire, install them. |
Additional References | |
Rule References | bugtraq: 550
cve: 1999-0477
|