TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
245
ColdFusion( 4.5,4.0.1,4.0) are vulnerable to path disclosure. Undocumented CFML tags in ColdFusion will allow an
remote attacker to gain unauthorized access to administrative privileges, including registry and advanced security
settings. This rule will triggers when an attempt is made to send cfdocs/exampleapp/email/application.cfm pattern. This
issue is fixed in Allaire ColdFusion Server 4.5.1. Administrators are advised to update the 4.5.1 version to resolve this
issue.
Signature ID: 1816
WEB-COLDFUSION expeval access Vulnerability
Threat Level: Information
Industry ID: CVE-1999-0477
CVE-1999-0760 Bugtraq: 550,115
Signature Description: ColdFusion is an application server and software development framework used for the
development of computer software in general, and dynamic web sites. ColdFusion is a similar product to Microsoft
ASP.NET, JavaServer Pages or PHP. ColdFusion Server includes several undocumented CFML tags and functions.
ColdFusion( 2.0, 3.0, 3.0.1, 3.1, 3.1.1, 3.1.2, 4.0) are vulnerable. Undocumented CFML tags in ColdFusion will allow
an remote attacker to gain unauthorized access to administrative privileges, including registry and advanced security
settings. This rule will triggers when an attempt is made to send cfdocs/expeval/ pattern. This issue is fixed in
ColdFusion 4.0.1 version. Administrators are advised to update the 4.0.1 version to resolve this issue.
Signature ID: 1817
Allaire Forums Getfile Vulnerability
Threat Level: Information
Industry ID: CVE-1999-0800 Bugtraq: 229
Signature Description: Allaire Forums is a flexible conferencing system that enables on-line discussions via the Web
on Intranets and the Internet. With Forums we can create web-conferences where people communicate and share
information using a Web browser. The "GetFile.cfm" in Allaire Forums allows anyone to access any file on the Forums
server. This vulnerability affects Forums version 2.0.4 and earlier. Upgrade the latest version of Allaire Forums,
available at vendor's website.
Signature ID: 1818
WEB-COLDFUSION getodbcdsn access Vulnerability
Threat Level: Information
Industry ID: CVE-1999-0477
CVE-1999-0760 Bugtraq: 550,115
Signature Description: ColdFusion is a programming language based on standard HTML(Hyper Text Markup
Language) that is used to creating and serving web-based applications that interact with back-end databases. Web pages
that interact with ColdFusion application servers have a .cfm file extension. ColdFusion Web pages include tags written
in Cold Fusion Markup Language(CFML). ColdFusion(ColdFusion versions 3.x and 4.x) server include undocumented
CFML(ColdFusion Markup Language) tags and functions that are used in the ColdFusion Administrator. The
undocumented CFUSION_GETODBCDSN() function, could be used by an attacker to gets ODBC data source names
from the registry.
Signature ID: 1819
WEB-COLDFUSION getodbcin Vulnerability
Threat Level: Information
Industry ID: CVE-1999-0477
CVE-1999-0760 Bugtraq: 550,115
Signature Description: ColdFusion is a programming language based on standard HTML(Hyper Text Markup
Language) that is used to creating and serving web-based applications that interact with back-end databases. Web pages
that interact with ColdFusion application servers have a .cfm file extension. ColdFusion Web pages include tags written
in Cold Fusion Markup Language(CFML). ColdFusion(ColdFusion versions 3.x and 4.x) server include undocumented
CFML(ColdFusion Markup Language) tags and functions that are used in the ColdFusion Administrator. The