Security Advisories | Path Disclosure | Macromedia ColdFusion MX Server Path Disclosure Vulnerability
Vendor: Macromedia (Now Adobe)
Systems Affected: All servers running Cold Fusion MX Server
Type: Path Disclosure
Severity: Low

In its default installation, the Macromedia ColdFusion MX Server starts a web server (jrun) on port 8500. This is mainly for administrative purposes. When this server is accessed with the following URL http://host:8500/CFIDE/probe.cfm, an error message is displayed which reveals the Physical path of the location where the MX Server has been installed.
Error occured in:
C:\CFusionMX\wwwroot\CFIDE\probe.cfm:line56.

An intruder can gain sensitive information about a server's directory and file structure. Like with any other Path Disclosure, this bug would only allow vital information to be disclosed. By itself, it will not allow for a system compromise, but in conjunction with some other vulnerability in a Web app or in the server, it might be dangerous.

Disable the checkbox mentioned above in a production environment. Alternatively, firewall the 8500 port to disable outside access to the administrator's console. It looks like the old debate on feature-or-bug, where the default configuration is not secure out-of-the-box.

The information contained in this advisory is copyright © 2003 Network Intelligence India Pvt. Ltd. This advisory may be redistributed, provided that no fee is assigned and that the advisory is not modified in any way.