Message from discussion
file upload vulnerability in CF801
From: "Gareth Cole" <gareth.c...@esus.ie>
To: <scottishcfug@googlegroups.com>
Subject: file upload vulnerability in CF801
Date: Fri, 3 Jul 2009 15:41:28 +0100
Hi Folks,
Just in case you haven't seen this yet, there's a security vulnerability in
the CF801 updater:
http://www.theregister.co.uk/2009/07/03/coldfusion_compromise/
Some genius at adobe decided to enable file uploads by default in the
embedded fckeditor. Unfortunately, this allows hackers to upload any files
they want on to your system, and take control of your server.
The link has full details and remedy.