TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
244
that interact with ColdFusion application servers have a .cfm file extension. ColdFusion Web pages include tags written
in Cold Fusion Markup Language(CFML). ColdFusion(ColdFusion versions 3.x and 4.x) server include undocumented
CFML(ColdFusion Markup Language) tags and functions that are used in the ColdFusion Administrator. The
undocumented CFUSION_DBCONNECTIONS_FLUSH() function, could be used by an attacker to disconnects all
curretly connected ColdFusion datasources.
Signature ID: 1812
WEB-COLDFUSION displayfile access Vulnerability
Threat Level: Information
Industry ID: CVE-1999-0760 Bugtraq: 550
Signature Description: ColdFusion is an application server and software development framework used for the
development of computer software in general, and dynamic web sites. ColdFusion is a similar product to Microsoft
ASP.NET, JavaServer Pages or PHP. ColdFusion Server includes several undocumented CFML tags and functions.
ColdFusion( 2.0, 3.0, 3.0.1, 3.1, 3.1.1, 3.1.2, 4.0, 4.0.1) are vulnerable. Undocumented CFML tags in ColdFusion will
allow an remote attacker to gain unauthorized access to administrative privileges, including registry and advanced
security settings. This rule will triggers when an attempt is made to send cfdocs/expeval/displayopenedfile.cfm pattern.
Upgrade the patches are available from vendors web site.
Signature ID: 1813
WEB-COLDFUSION evaluate.cfm access Vulnerability
Threat Level: Information
Industry ID: CVE-1999-0760 Bugtraq: 550
Signature Description: ColdFusion is an application server and software development framework used for the
development of computer software in general, and dynamic web sites. ColdFusion is a similar product to Microsoft
ASP.NET, JavaServer Pages or PHP. ColdFusion Server includes several undocumented CFML tags and functions.
ColdFusion( 2.0, 3.0, 3.0.1, 3.1, 3.1.1, 3.1.2, 4.0, 4.0.1) are vulnerable. Undocumented CFML tags in ColdFusion will
allow an remote attacker to gain unauthorized access to administrative privileges, including registry and advanced
security settings. This rule will triggers when an attempt is made to send cfdocs/snippets/evaluate.cfm pattern. Upgrade
the patches are available from vendors web site.
Signature ID: 1814
WEB-COLDFUSION exampleapp access Vulnerability
Threat Level: Information
Industry ID: CVE-2001-0535 CVE-1999-0760 Bugtraq: 550
Signature Description: ColdFusion is an application server and software development framework used for the
development of computer software in general, and dynamic web sites. ColdFusion is a similar product to Microsoft
ASP.NET, JavaServer Pages or PHP. ColdFusion Server includes several undocumented CFML tags and functions.
ColdFusion 4.5 is vulnerable. Undocumented CFML tags in ColdFusion will allow an remote attacker to gain
unauthorized access to administrative privileges, including registry and advanced security settings. This rule will
triggers when an attempt is made to send cfdocs/exampleapp/email/application.cfm pattern. This issue is fixed in
Allaire ColdFusion Server 5.0. Administrators are advised to update the 5.0 or later version to resolve this issue.
Signature ID: 1815
WEB-COLDFUSION exampleapp application.cfm Vulnerability
Threat Level: Information
Industry ID: CVE-2000-0189
Bugtraq: 1021
Signature Description: ColdFusion is an application server and software development framework used for the
development of computer software in general, and dynamic web sites. ColdFusion is a similar product to Microsoft
ASP.NET, JavaServer Pages or PHP. ColdFusion Server includes several undocumented CFML tags and functions.