Signature Detail
Short Name |
HTTP:IIS:COLDFUSION-INFOLEAK |
|---|---|
Severity |
Low |
Recommended |
No |
Category |
HTTP |
Keywords |
Coldfusion IIS |
Release Date |
2005/02/16 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+ |
HTTP: ColdFusion MX 6.1 on IIS File Contents Disclosure
This signature detects attempts to exploit an information disclosure vulnerability in ColdFusion application server. Attackers can send a malicious request that forces the server to return the source code of script files. Attackers can then use this information to plan future, more targeted attacks.
Extended Description
TYPSoft FTP Server is reported susceptible to a remote denial of service vulnerability. A remote attacker with the ability to successfully authenticate to the affected FTP server is reportedly able to crash the service. Versions up to and including 1.11 are reportedly affected by this vulnerability.
Affected Products
- TYPSoft TYPSoft FTP Server 0.85.0
- TYPSoft TYPSoft FTP Server 0.93.0
- TYPSoft TYPSoft FTP Server 0.95.0
- TYPSoft TYPSoft FTP Server 0.96.0
- TYPSoft TYPSoft FTP Server 0.97.0
- TYPSoft TYPSoft FTP Server 0.97.5
- TYPSoft TYPSoft FTP Server 0.99.6
- TYPSoft TYPSoft FTP Server 1.0.0 0
- TYPSoft TYPSoft FTP Server 1.0.0 1
- TYPSoft TYPSoft FTP Server 1.0.0 2
- TYPSoft TYPSoft FTP Server 1.0.0 3
- TYPSoft TYPSoft FTP Server 1.0.0 4
- TYPSoft TYPSoft FTP Server 1.0.0 5
- TYPSoft TYPSoft FTP Server 1.0.0 6
- TYPSoft TYPSoft FTP Server 1.0.0 7
- TYPSoft TYPSoft FTP Server 1.0.0 8
- TYPSoft TYPSoft FTP Server 1.0.0 9
- TYPSoft TYPSoft FTP Server 1.1.0
- TYPSoft TYPSoft FTP Server 1.10.0
- TYPSoft TYPSoft FTP Server 1.11.0
References