On Wed, Feb 22, 2012 at 7:55 PM, Ras Tafari <[email protected]> wrote:
> any idea how they were able to get the file that ran into the cfide
> directory? and what might prevent that part?
> that's the most haunting part to him. i said it was probably a
> windows exploit first... not sure tho.

If they are running CF8 without security hotfixes then there is a really good chance that it was the FCKeditor vulnerability: http://www.adobe.com/support/security/bulletins/apsb09-09.html

But there are also so many other ways they could have done it. The bottom line is you want to make sure you have all security hotfixes in place, and then make sure everything is running with the least possible privilege. Otherwise it's pretty easy to take control of your server!

--
Pete Freitag - Adobe Community Professional
http://foundeo.com/ - ColdFusion Consulting & Products
http://petefreitag.com/ - My Blog
http://hackmycf.com - Is your ColdFusion Server Secure?

