Macromedia ColdFusion MX Server Path Disclosure Vulnerability

Vendor: Macromedia (Now Adobe)
Systems Affected: All servers running ColdFusion MX Server
Type: Path Disclosure
Severity: Low

I. Description
In its default installation, the Macromedia ColdFusion MX Server starts a web server (JRun) on port 8500, mainly for administrative purposes. When this server is accessed with the URL http://host:8500/CFIDE/probe.cfm, it displays an error message that reveals the physical path where the MX Server has been installed:
Error occured in:
C:\CFusionMX\wwwroot\CFIDE\probe.cfm:line56.

II. Impact
An intruder can gain sensitive information about a server's directory and file structure. As with any other path disclosure, this bug only allows vital information to be disclosed. By itself it will not allow a system compromise, but in conjunction with another vulnerability in a web application or in the server, it might be dangerous.

III. Workaround
Disable the checkbox mentioned above in a production environment. Alternatively, firewall port 8500 to block outside access to the administrator's console. This looks like the old feature-or-bug debate, where the default configuration is not secure out of the box.
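
A check for confirming the workaround on a server you administer, added here as an example and not part of the original advisory: it requests the probe URL described above and reports whether the port is blocked or the error page still reveals a physical path. The function names and the sample page are constructed for illustration, and only Windows drive-letter and UNC paths are matched.

```python
import re
import urllib.error
import urllib.request

# Windows drive-letter or UNC path ending in a ColdFusion template (.cfm/.cfc).
# Characters that are illegal in Windows file names end a segment, so HTML tags
# and the ":line56" suffix of the error text are not swallowed.
_SEG = r'[^\\/:*?"<>|\r\n]+'
PHYSICAL_PATH = re.compile(
    r'(?:[A-Za-z]:\\|\\\\' + _SEG + r'\\)(?:' + _SEG + r'\\)*' + _SEG + r'?\.cf[mc]\b')

# Constructed sample modelled on the error text quoted in the advisory.
SAMPLE_ERROR_PAGE = (
    "<html><body>Error occured in:<br>\n"
    "C:\\CFusionMX\\wwwroot\\CFIDE\\probe.cfm:line56.\n</body></html>")

def disclosed_paths(body):
    """Return the distinct server-side template paths found in a response body."""
    seen = []
    for match in PHYSICAL_PATH.finditer(body):
        if match.group(0) not in seen:
            seen.append(match.group(0))
    return seen

def check_probe(base_url, timeout=5.0):
    """Request /CFIDE/probe.cfm on your own server and classify the result.

    Returns ("blocked", []) when the port cannot be reached (firewall
    workaround in place), ("discloses", [paths]) when the response leaks a
    physical path, and ("clean", []) otherwise.
    """
    url = base_url.rstrip("/") + "/CFIDE/probe.cfm"
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            body = resp.read().decode("latin-1")
    except urllib.error.HTTPError as err:      # error pages may carry a non-2xx status
        body = err.read().decode("latin-1")
    except (urllib.error.URLError, OSError):   # refused, filtered or timed out
        return ("blocked", [])
    paths = disclosed_paths(body)
    return ("discloses", paths) if paths else ("clean", [])

if __name__ == "__main__":
    print(disclosed_paths(SAMPLE_ERROR_PAGE))
```

Run check_probe from outside the firewall to confirm the port 8500 workaround, and from inside to see whether the error page itself still leaks the path.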

Disclaimer
The information contained in this advisory is copyright © 2003 Network Intelligence India Pvt. Ltd. This advisory may be redistributed, provided that no fee is assigned and that the advisory is not modified in any way.
