Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 APP:COLDFUSIONMX-ACC

Severity

 Info

Recommended

 No

Category

 APP

Release Date

 2005/08/03

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

APP: Macromedia ColdFusion MX Path Disclosure


This signature detects attempts to access the fileprobe.cfm. With default settings, Macromedia ColdFusion MX will return an error message containing the full path of the ColdFusion software. Versions 6.x are vulnerable.

Extended Description

A vulnerability has been reported for Macromedia ColdFusion MX that may reveal the physical path information to attackers. When certain malformed URL requests are received by the server, an error message is returned containing the full path of the ColdFusion installation.

Affected Products

  • Macromedia ColdFusion Server MX Developer
  • Macromedia ColdFusion Server MX Enterprise
  • Macromedia ColdFusion Server MX Professional
  • Macromedia ColdFusion Server MX 6.0.0

References

  • BugTraq: 7443
  • URL: http://www.nii.co.in/vuln/pdmac.html
  • URL: http://www.securityfocus.com/archive/1/319867/2003-04-20/2003-04-26/0

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out