allaire.getfile.cfm.txt

1999-08-17T00:00:00
ID PACKETSTORM:12195
Type packetstorm
Reporter Packet Storm
Modified 1999-08-17T00:00:00

Description

                                        
                                            `Date: Thu, 11 Feb 1999 11:36:57 -0500  
From: Cameron Childress <cameronc@MCRAE.COM>  
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM  
Subject: ACFUG List: Alert: Allaire Forums GetFile bug  
  
The problem outlined below seems to effect all Allaire Forums 2.0.x  
versions. Allaire has confirmed that the bug exists, and will be issuing a  
security bulletin with details about it and a fix shortly. Until then, use  
the following information at your own risk.  
  
Problem:  
  
A file named GetFile.cfm is found in the root directory of Allaire Forums  
2.0.x distributions. This file will allow anyone to access any file on  
servers running Forums. For example, the following URL string format can be  
used to call the server's boot.ini file:  
  
GetFile.cfm?FT=Text&FST=Plain&FilePath=C:\boot.ini  
  
The variables in the above string correspond to the tag in the file, which  
is:  
  
<CFCONTENT TYPE="#FT#/#FST#" FILE="#FilePath#">  
  
Solution:  
  
GetFile.cfm does not appear to be used anywhere in any of the Forums  
templates. Simply deleting the file or commenting out the code in the file  
should protect your server from this exploit.  
  
-Cameron  
  
--------------------  
Cameron Childress  
McRae Communications  
770.460.7277 x.232  
770.460.0963 fax  
  
`