ColdFusion Server Web Publish Example Script Access Restriction Bypass

2001-08-07T00:00:00
ID OSVDB:10505
Type osvdb
Reporter Mark Dowd(mdowd@iss.net)
Modified 2001-08-07T00:00:00

Description

Vulnerability Description

The 'Web Publish' example script in ColdFusion Server contains a flaw that may allow a remote attacker to bypass access restrictions. The issue is triggered by sending an HTTP request with a spoofed Host header. It is possible that the flaw may allow a remote attacker to upload and execute malicious files, resulting in a loss of integrity.
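An added illustration of the flaw class described above, not ColdFusion's own code: an access check that trusts the client-supplied Host header beside one keyed on the connection's peer address, plus a detection rule for the mismatch. The localhost allow-list, the Request model and the function names are assumptions for illustration.

```python
from dataclasses import dataclass

# Constructed model of a "local only" restriction on a sample script.
# Values and names are assumptions, not ColdFusion's implementation.
LOCAL_ADDRESSES = {"127.0.0.1", "::1"}      # peer addresses treated as local
LOCAL_HOST_NAMES = {"localhost", "127.0.0.1"}  # Host header values treated as local


@dataclass
class Request:
    remote_addr: str   # peer address taken from the TCP connection
    headers: dict      # HTTP headers exactly as the client sent them


def host_of(req: Request) -> str:
    """Normalise the Host header: drop any :port, lower-case the name."""
    host = req.headers.get("Host", "")
    return host.split(":", 1)[0].strip().lower()


def allow_by_host_header(req: Request) -> bool:
    """Vulnerable pattern: the decision rests on a value the client chooses."""
    return host_of(req) in LOCAL_HOST_NAMES


def allow_by_peer_address(req: Request) -> bool:
    """Hardened pattern: the decision rests on the connection's peer address,
    which the request body and headers cannot alter. Behind a reverse proxy
    remote_addr is the proxy, so apply this check at the edge that sees the client."""
    return req.remote_addr in LOCAL_ADDRESSES


def is_spoofed_local_host(req: Request) -> bool:
    """Detection: Host claims to be local while the peer address is not."""
    return host_of(req) in LOCAL_HOST_NAMES and req.remote_addr not in LOCAL_ADDRESSES


# Constructed sample requests (203.0.113.0/24 is documentation address space).
LOCAL_REQ = Request("127.0.0.1", {"Host": "localhost:8500"})
REMOTE_REQ = Request("203.0.113.9", {"Host": "www.example.com"})
SPOOFED_REQ = Request("203.0.113.9", {"Host": "localhost"})

if __name__ == "__main__":
    for name, req in [("local", LOCAL_REQ), ("remote", REMOTE_REQ), ("spoofed", SPOOFED_REQ)]:
        print(name, "host-check:", allow_by_host_header(req),
              "peer-check:", allow_by_peer_address(req),
              "flag:", is_spoofed_local_host(req))
```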

Solution Description

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: Remove the CFDOCS directory.

Short Description

The 'Web Publish' example script in ColdFusion Server contains a flaw that may allow a remote attacker to bypass access restrictions. The issue is triggered by sending an HTTP request with a spoofed Host header. It is possible that the flaw may allow a remote attacker to upload and execute malicious files, resulting in a loss of integrity.

References:

Vendor URL: http://www.macromedia.com/
Vendor Specific Advisory URL
Security Tracker: 1002158
Related OSVDB ID: 10592
Other Advisory URL: http://xforce.iss.net/xforce/alerts/id/advise92
ISS X-Force ID: 6790
CVE-2001-0535
Bugtraq ID: 3154