
List:       ntbugtraq
Subject:    NII Advisory - Path Disclosure in Cold Fusion MX Server
From:       "Network Intelligence India Pvt. Ltd." <info () NII ! CO ! IN>
Date:       2003-04-26 5:48:44

===================================================
Path Disclosure in Macromedia ColdFusion MX Server
Vendor: Macromedia http://www.macromedia.com
Versions affected: ColdFusion MX Server
Operating System: Windows 2000
Date: 26th April 2003
Severity: Low

Network Intelligence India Pvt. Ltd. http://www.nii.co.in
Online location: http://www.nii.co.in/vuln/pdmac.html
===================================================


Background:
=========
Macromedia ColdFusion MX Server is a powerful web application server that lets you create robust sites and applications without a long learning curve.


Description:
=========
In its default installation, Macromedia ColdFusion MX Server starts its own web server (the bundled JRun server) on port 8500. This server is intended mainly for administrative purposes. When it is accessed with the URL http://host:8500/CFIDE/probe.cfm, an error page is returned that reveals the physical path of the directory in which the MX Server has been installed:

Error occurred in:
C:\CFusionMX\wwwroot\CFIDE\probe.cfm:line56
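The probe described above, as an added check script that is not part of the original advisory: it requests /CFIDE/probe.cfm on port 8500, then searches the reply for absolute Windows paths, which is all a path disclosure amounts to. The same function run after the fix confirms that the workaround took effect (no path in the reply). The two sample response bodies are constructed for the demonstration, not captured from a real server, and the hostname, user agent and error-page wording are assumptions.

```python
from __future__ import annotations

import re
import sys
import urllib.error
import urllib.request

# Absolute Windows paths, e.g. C:\CFusionMX\wwwroot\CFIDE\probe.cfm.
# Path characters stop at whitespace, quotes, HTML angle brackets and ':' so the
# "probe.cfm:line56" suffix on the debug page is not swallowed into the path.
WIN_PATH_RE = re.compile(r'''\b[A-Za-z]:\\(?:[^\\\s<>"':`]+\\)*[^\\\s<>"':`]*''')

PROBE_PATH = "/CFIDE/probe.cfm"   # the page named in the advisory


def find_disclosed_paths(body: str) -> list[str]:
    """Return the distinct Windows filesystem paths found in a response body."""
    found: list[str] = []
    for match in WIN_PATH_RE.findall(body):
        path = match.rstrip(".,;)")          # trailing punctuation is not part of the path
        if path and path not in found:
            found.append(path)
    return found


def probe_url(host: str, port: int = 8500) -> str:
    """URL of the probe page on the built-in JRun web server (port 8500 by default)."""
    return f"http://{host}:{port}{PROBE_PATH}"


def check_host(host: str, port: int = 8500, timeout: float = 5.0) -> list[str]:
    """Request the probe page and return any install paths leaked in the reply.

    The debug page comes back with an error status, so an HTTPError is treated
    as a response whose body still has to be inspected, not as a failure.
    """
    req = urllib.request.Request(probe_url(host, port),
                                 headers={"User-Agent": "cfmx-path-check"})  # assumed UA string
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            body = resp.read().decode("utf-8", errors="replace")
    except urllib.error.HTTPError as exc:
        body = exc.read().decode("utf-8", errors="replace")
    return find_disclosed_paths(body)


# Constructed sample bodies (not real captures): the first mimics a server with
# robust exception information enabled, the second one with it turned off.
SAMPLE_DEBUG_RESPONSE = (
    "<html><body>\n"
    "<h1>Error Occurred While Processing Request</h1>\n"
    "<p>The error occurred in C:\\CFusionMX\\wwwroot\\CFIDE\\probe.cfm: line 56</p>\n"
    "<p>Template: C:\\CFusionMX\\wwwroot\\CFIDE\\probe.cfm</p>\n"
    "<p>Browser: cfmx-path-check, Remote Address: 10.0.0.5</p>\n"
    "</body></html>\n"
)

SAMPLE_HARDENED_RESPONSE = (
    "<html><body>\n"
    "<h1>Error Occurred While Processing Request</h1>\n"
    "<p>An error occurred while processing this request.</p>\n"
    "</body></html>\n"
)


if __name__ == "__main__":
    if len(sys.argv) > 1:                       # live check: python cfmx_path_check.py host [port]
        port = int(sys.argv[2]) if len(sys.argv) > 2 else 8500
        leaked = check_host(sys.argv[1], port)
        print("leaked paths:", leaked or "none")
    else:                                       # offline demonstration on the constructed samples
        print("debug page   :", find_disclosed_paths(SAMPLE_DEBUG_RESPONSE))
        print("hardened page:", find_disclosed_paths(SAMPLE_HARDENED_RESPONSE))
```

Run without arguments it works only on the embedded samples; given a host it performs the live request. The path regex is deliberately generic (any drive letter), so the same function serves for checking other error pages on the host, not just probe.cfm.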

Vendor Response:
=============
The vendor's response is that this is a feature controlled by the 'Debugging Settings' page in the Administrator console: [X] Enable Robust Exception Information. This checkbox is checked by default on a new installation to aid application development. For a production system the checkbox must be unchecked.


Impact:
=====
As with any other path disclosure, this bug by itself only reveals information, in this case the directory where the server is installed. On its own it does not allow a system compromise, but combined with some other vulnerability in a web application or in the server (for instance one whose exploitation requires knowing an absolute filesystem path), it can become dangerous.


Workaround:
==========
Uncheck the 'Enable Robust Exception Information' option in a production environment. Alternatively, firewall port 8500 so that the administrator's console cannot be reached from outside. It looks like the old feature-or-bug debate: the default configuration is not secure out of the box.


About NII
========
Network Intelligence India Pvt. Ltd. is an IT Security firm specializing in Security Audits, Training and Research. You may read our other advisories at http://www.nii.co.in/research/advisories.html

We also develop host-based security auditing software - AuditPro for Windows, Unix, SQL, and Oracle http://www.nii.co.in/products.html


Disclaimer:
=========
The information contained in this advisory is copyright (c) 2003 Network Intelligence India Pvt. Ltd. This advisory may be redistributed, provided that no fee is assigned and that the advisory is not modified in any way.

oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Have you discovered a security vulnerability related to Windows or a
commercial product which runs on Windows?

Need assistance crafting the format or translating your advisory to English?

Need to verify it, or having problems contacting the Vendor?

Contact mailto:Advisories@NTBugtraq.com

oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo

