Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: Servers :: cf14.htm

ColdFusion Server Professional 4.5.1 Eval for Windows (SP2) - crashing it



Vulnerability

    Cold Fusion

Affected

    ColdFusion Server Professional 4.5.1 Eval for Windows (SP2)

Description

    Niels Heinen  found following.   The vulnerability  can crash  the
    ColdFusion server  and in  some cases  the system  it is installed
    on.  The  problem will potentially  cause the denial  of web-based
    services on the server.

    Vulnerable are all servers  running ColdFusion version 4.5.1  with
    certain  optional  example   scripts.   To   be  vulnerable,   the
    administrator must  have first  chosen the  example scripts during
    installation.

    During installation of  the ColdFusion server,  the user is  given
    the  chance  to  load  specific  example  scripts.   One  of these
    example scripts is  a search engine.   This search engine  has the
    ability  to  detect  whether  the  directories  on  the server are
    indexed.  If  the directories are  not indexed, the  search engine
    calls a second script that  indexes the directories.  Requests  to
    this indexing script can also be  made by a remote user through  a
    web browser.

    The problem is that while doing  this, the CPU usage will rise  to
    70%  load.   If  several  requests  are  made,  the  server's  CPU
    increases to 100%  load level and  remains there.   In some tests,
    the  ColdFusion  server  (cfserver.exe)  stopped handling requests
    completely.

    A  malicious  user  could  potentially  launch a denial of service
    attack by requesting the indexing script several times.

Solution

    Allaire created  a document  last year  (recently updated).   This
    document  covers  the  example   scripts  that  are   (optionally)
    installed with the server.  Allaire clearly advocates the  removal
    of these examples as a best practice.

    This document is available on the Allaire web site at:

        http://www.allaire.com/Handlers/index.cfm?ID=16258&Method=Full

    In  future  Allaire  will  make  the  second, indexing script only
    accessible from the local host like all the other example scripts.


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH