ProCurve TMS zl Module IPS/IDS Signature Reference Guide Version RLX.10.2.2.94
Signature Description: ColdFusion is a programming language based on standard HTML (Hyper Text Markup Language) that is used for creating and serving web-based applications that interact with back-end databases. Web pages that interact with ColdFusion application servers have a .cfm file extension. ColdFusion web pages include tags written in ColdFusion Markup Language (CFML). ColdFusion servers (ColdFusion versions 3.x and 4.x) include undocumented CFML tags and functions that are used in the ColdFusion Administrator. The cfusion_encrypt() function can be used to retrieve and decrypt the admin and studio passwords. With these passwords, an attacker can use a variety of tools to retrieve directory listings, upload files, and gain registry access and security access.
Signature ID: 1804
Allaire ColdFusion Path Disclosure Vulnerability
Threat Level: Information
Industry ID: CVE-2000-0189 Bugtraq: 1021
Signature Description: Allaire ColdFusion is a popular web application development tool. ColdFusion uses a tag-based, server scripting language that is ideal for programming web applications. The ColdFusion Markup Language (CFML) cleanly integrates with HTML (Hyper Text Markup Language) for user interface and XML for data exchange. ColdFusion Server (ColdFusion versions 4.0, 4.0.1, and 4.5.0) allows a remote attacker to determine the real pathname of the server via an HTTP request to application.cfm. Upgrade to the latest version of Allaire ColdFusion, available at the vendor's website.
Signature ID: 1805
WEB-COLDFUSION beaninfo access Vulnerability
Threat Level: Information
Industry ID: CVE-1999-0760 Bugtraq: 550
Signature Description: ColdFusion is an application server and software development framework used for the development of computer software in general and dynamic web sites. ColdFusion is a similar product to Microsoft ASP.NET, JavaServer Pages or PHP. ColdFusion Server includes several undocumented CFML tags and functions. ColdFusion versions 2.0, 3.0, 3.0.1, 3.1, 3.1.1, 3.1.2, 4.0 and 4.0.1 are vulnerable. Undocumented CFML tags in ColdFusion will allow a remote attacker to gain unauthorized access to administrative privileges, including registry and advanced security settings. This rule triggers when an attempt is made to send the pattern cfdocs/examples/cvbeans/beaninfo.cfm. Upgrade using the patches available from the vendor's web site.
Signature ID: 1806
WEB-COLDFUSION cfappman access Vulnerability
Threat Level: Information
Industry ID: CVE-1999-0760
Bugtraq: 550
Signature Description: ColdFusion is an application server and software development framework used for the development of computer software in general and dynamic web sites. ColdFusion is a similar product to Microsoft ASP.NET, JavaServer Pages or PHP. ColdFusion Server includes several undocumented CFML tags and functions. ColdFusion versions 2.0, 3.0, 3.0.1, 3.1, 3.1.1, 3.1.2, 4.0 and 4.0.1 are vulnerable. Undocumented CFML tags in ColdFusion will allow a remote attacker to gain unauthorized access to administrative privileges, including registry and advanced security settings. This rule triggers when an attempt is made to send the pattern cfappman/index.cfm. Upgrade using the patches available from the vendor's web site.
Signature ID: 1807
Allaire ColdFusion 4.0x CFCACHE Vulnerability
Threat Level: Information
Industry ID: CVE-2000-0057
Bugtraq: 917
Signature Description: Allaire ColdFusion is a popular web applications development tool. ColdFusion uses a tag-