Re: [ACFUG Discuss] Fwd: CF9 Solr Security Vulnerability

[John Mason]

I would just add that you should have a firewall in front of your web 
servers any way. The firewall should be blocking all but the necessary 
ports 80 and 443 for example. That would also prevent this problem.

John
ma...@fusionlink.com
twitter: john_mason_


Cameron Childress wrote:
FYI - from CF-Talk.

---------- Forwarded message ----------
From: Pete Freitag <pfrei...@gmail.com>
Date: Fri, Jan 29, 2010 at 12:38 PM
Subject: CF9 Solr Security Vulnerability
To: cf-talk <cf-t...@houseoffusion.com>

Hi Folks,

Incase you missed it, Adobe just released a security bulletin for CF9:
http://www.adobe.com/support/security/bulletins/apsb10-04.html

Essentially the CF9 solr service runs on port 8983 on your servers public
IP's, instead of just 127.0.0.1, which leaves your solr collections open.

The technote to fix it is here:
http://kb2.adobe.com/cps/807/cpsid_80719.html

I have blogged some more about it here:
http://www.petefreitag.com/item/738.cfm

Pete Freitag
http://foundeo.com/ - ColdFusion Consulting & Products
http://petefreitag.com/ - My Blog
http://hackmycf.com - Is your ColdFusion Server Secure?


-------------------------------------------------------------
To unsubscribe from this list, manage your profile @ 
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-------------------------------------------------------------




  



-------------------------------------------------------------
To unsubscribe from this list, manage your profile @ 
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-------------------------------------------------------------