RE: cold fusion 5.0 cfrethrow exploit
From: Jeff Palmer (scorpio@drkshdw.org)
Date: 07/31/01
- In reply to: Johnson, Michael: "RE: cold fusion 5.0 cfrethrow exploit"
Date: Tue, 31 Jul 2001 13:39:41 -0400 (EDT)
From: Jeff Palmer <scorpio@drkshdw.org>
To: "Johnson, Michael" <Michael.Johnson@ASTStockplan.com>
Subject: RE: cold fusion 5.0 cfrethrow exploit
Message-ID: <20010731133031.F3444-100000@jeff.isni.net>

> Anyone seen a proof of concept for the 'huge Allaire exploit' that they are
> telling everyone to put that patch on for? I think it's a hoax as I have not
> seen it yet ...just some marketing ploy to get everyone to upgrade...
>
> -MJ?
>

Let me start by saying I am not a ColdFusion programmer or anything near
there. I do however admin 2 RH servers for a company in Texas who use CF.

With permission, I have tested this exploit, and have verified it works
as advertised (restarts the CF server on Red Hat Linux).

Once, Apache crashed along with it (signal 11. It dumped core but I
didn't take time to debug why). Therefore it didn't restart. It effectively
killed the web server. (This happened once out of nearly 100 tests, on a
devel box.)

There are things you need to consider here.

#1) Most organizations still use the NT version of the server. So if
this was a marketing ploy, I'd assume Allaire would show an NT
vulnerability?

#2) This exploit only affects systems where users have write access to a
website. If your server only offers access to developers, you are not
vulnerable (unless you upset one of your employees, in which case, you
have many more problems than a simple server restart).

Regards,
Jeff Palmer
scorpio@drkshdw.org