| VID |
21015 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The remote web server appears to be running the ColdFusion application server with a sample utility called the "Expression Evaluator" installed. The Expression Evaluator is a sample script shipped with ColdFusion (through version 4.0) to show users how to use ColdFusion's expression evaluation features. A vulnerability in this script could allow a remote attacker to retrieve arbitrary files from the server. An attacker can also call sendmail.cfm without any arguments to obtain a system date/time stamp as well as directory structure information. |
| Recommendation |
1. Install the ColdFusion 4.0.1 Update from the Allaire web site (see References).
2. Obtain and install the appropriate ColdFusion Expression Evaluator Security Patch, available at http://www.allaire.com/handlers/index.cfm?ID=8727&Method=Full.
3. If you choose not to patch, remove the sample applications under //CFDOCS/expeval (in particular evaluate.cfm). Sample and documentation scripts should not be deployed on production servers at all. |
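The check below is an added example, not part of this advisory and not Allaire's or ColdFusion's own code. It tests whether the Expression Evaluator sample scripts are still reachable on a host (the condition the description above detects, and the condition remediation step 3 removes) by requesting them without any parameters. It assumes the sample directory /CFDOCS/expeval named in the recommendation and assumes sendmail.cfm sits in that same directory (the advisory names the script but not its location); the control path and the offline fake server are constructed for the example. It deliberately does not pass any arguments to the scripts, so it only establishes presence, not file retrieval.

```python
"""Presence check for the ColdFusion Expression Evaluator sample scripts.

Added example; it is not part of the original advisory or of ColdFusion.
It only tests whether the sample scripts answer at all and never passes
parameters to them, so it does not exercise the file-retrieval flaw.
"""
import http.client
from typing import Callable, Dict, Tuple

# Directory and script named in the advisory: //CFDOCS/expeval, evaluate.cfm.
# sendmail.cfm is assumed to live in the same sample directory (assumption:
# the advisory names the script but not its location).
SAMPLE_PATHS = (
    "/CFDOCS/expeval/evaluate.cfm",
    "/CFDOCS/expeval/sendmail.cfm",
)
# Control path that should never exist; used to spot servers that answer
# 200 to everything (hypothetical name chosen for this example).
CONTROL_PATH = "/CFDOCS/expeval/zz-expeval-control-does-not-exist.cfm"

# A fetcher maps a request path to (HTTP status, first bytes of the body).
Fetcher = Callable[[str], Tuple[int, str]]


def http_fetcher(host: str, port: int = 80, timeout: float = 5.0) -> Fetcher:
    """Build a fetcher that issues plain GET requests over TCP to the target."""
    def fetch(path: str) -> Tuple[int, str]:
        conn = http.client.HTTPConnection(host, port, timeout=timeout)
        try:
            conn.request("GET", path, headers={"User-Agent": "expeval-check"})
            resp = conn.getresponse()
            return resp.status, resp.read(2048).decode("latin-1", "replace")
        finally:
            conn.close()
    return fetch


def check_expeval(fetch: Fetcher) -> Dict[str, bool]:
    """Return {path: reachable} for each sample script.

    A path counts as reachable only when it returns 200 and the control
    path does not, so a catch-all 200 error page is not reported as a hit.
    """
    control_status, _ = fetch(CONTROL_PATH)
    soft_404 = control_status == 200
    results: Dict[str, bool] = {}
    for path in SAMPLE_PATHS:
        status, _ = fetch(path)
        results[path] = (status == 200) and not soft_404
    return results


def is_vulnerable(results: Dict[str, bool]) -> bool:
    """Any reachable sample script means the fix (patch or removal) is not in place."""
    return any(results.values())


def fake_server(present_paths: Tuple[str, ...], catch_all: bool = False) -> Fetcher:
    """Constructed stand-in for a target so the check runs offline.

    present_paths: paths that answer 200 with a small HTML body.
    catch_all:     if True, every path answers 200 (a soft-404 server).
    """
    def fetch(path: str) -> Tuple[int, str]:
        if catch_all or path in present_paths:
            return 200, "<html><body>ColdFusion sample page</body></html>"
        return 404, "<html><body>Not Found</body></html>"
    return fetch


if __name__ == "__main__":
    # Before remediation: both sample scripts answer.
    before = check_expeval(fake_server(SAMPLE_PATHS))
    print("before:  ", before, "vulnerable:", is_vulnerable(before))
    # After removing /CFDOCS/expeval: nothing answers.
    after = check_expeval(fake_server(()))
    print("after:   ", after, "vulnerable:", is_vulnerable(after))
    # Catch-all server: the control path also answers 200, so no hit is reported.
    noisy = check_expeval(fake_server(SAMPLE_PATHS, catch_all=True))
    print("soft-404:", noisy, "vulnerable:", is_vulnerable(noisy))
    # Against a real host on the advisory's port 80:
    # check_expeval(http_fetcher("cf.example.internal"))
```

Run it against a real host with http_fetcher after applying step 1 or 2 and again after step 3; a reachable evaluate.cfm or sendmail.cfm means the sample directory is still being served. The control request matters: some front-ends return 200 with a friendly "not found" page for every path, which would otherwise make every sample script look present.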
| Related URL |
CVE-1999-0455,CVE-1999-0477 (CVE) |
| Related URL |
115 (SecurityFocus) |
| Related URL |
1740 (ISS) |
|