Re: Hack - Further Information

2013-02-12 Thread Russ Michaels
Well, I guess I never saw it because I always keep the cfadmin in the default website and lock it down, and always create a copy of the CFIDE without the admin or adminapi for all other sites. So there is always a REAL CFIDE. I have just gone and checked some cf sites on several servers for

Re: Hack - Further Information

2013-02-12 Thread Dave Watts
Well, I guess I never saw it because I always keep the cfadmin in the default website and lock it down, and always create a copy of the CFIDE without the admin or adminapi for all other sites. So there is always a REAL CFIDE. That, by itself, is not sufficient. You can have a real CFIDE

Re: Hack - Further Information

2013-02-05 Thread Russ Michaels
I have to say I have never once had that in my 12 years of installing cf servers, if the cfide dir or vdir doesn't exist, then cfide or the administrator doesn't work, period. So there must be some very special circumstances for that to happen, it certainly doesn't happen on a standard windows

Re: Hack - Further Information

2013-02-05 Thread James F
Upon further review of my server I have discovered several files were compromised, dating back to January 2, 2013. They appear in various places in the /CFIDE folder. Here is a list of the ones I found this morning: C:\Inetpub\wwwroot\CFIDE\adminapi\customtags\fusebox.cfm

Re: Hack - Further Information

2013-02-05 Thread James F
Upon further review of my server I have discovered several files were compromised, dating back to January 2, 2013. They appear in various places in the /CFIDE folder. Here is a list of the ones I found this morning: C:\Inetpub\wwwroot\CFIDE\adminapi\customtags\fusebox.cfm

Re: Hack - Further Information

2013-02-05 Thread Dave Watts
I have to say I have never once had that in my 12 years of installing cf servers, if the cfide dir or vdir doesn't exist, then cfide or the administrator doesn't work, period. I have seen this many times. Again, as mentioned previously, it's not at all obvious - you request the URL

Re: Hack - Further Information

2013-02-04 Thread Pete Freitag
Hi Robert, CFChart relies on the URI /CFIDE/GraphData.cfm so if you block /CFIDE then cfchart also stops working, there is no way I'm aware of to tell CFChart to use a different URI (I wish there was!). This also adds confusion for some because the file /CFIDE/GraphData.cfm does not exist in

RE: Hack - Further Information

2013-02-04 Thread Paul Vernon
What should we do to allow CFChart to function without opening a security hole? What we do is this. 1. Duplicate the CFIDE directory in full. 2. In the duplicate, remove the administration folders altogether. 3. In all but the CFAdmin site itself on the server (which should really not be

Re: Hack - Further Information

2013-02-04 Thread John F
I have watched this discussion with interest for much of the day and am unsure whether I should be concerned or not. Is there a new major ColdFusion security hole at work here? Is this just an old issue that some people had not patched correctly? If this is a new issue, what do I need to do

Re: Hack - Further Information

2013-02-04 Thread Pete Freitag
Hi Paul, That approach may work in some cases, but there are cases where /CFIDE/administrator/index.cfm may still resolve even if there is no folder there (or no virtual directory). We often receive reports saying that hackmycf.com is incorrectly reporting CF administrator open because

RE: Hack - Further Information

2013-02-04 Thread Paul Vernon
Pete, That approach may work in some cases, but there are cases where /CFIDE/administrator/index.cfm may still resolve even if there is no folder there (or no virtual directory). You're going to have to explain how /CFIDE/administrator/index.cfm could resolve when the CFIDE mapping is

Re: Hack - Further Information

2013-02-04 Thread Pete Freitag
Paul, Sorry, to clarify: if the folder is gone 100% from the server it will not work, but if you kept it in the default install location, e.g. c:\inetpub\wwwroot or c:\coldfusion9\wwwroot\CFIDE and even though there is no website that points to that on the webserver it can still resolve. So in that

Re: Hack - Further Information

2013-02-04 Thread Dave Watts
That approach may work in some cases, but there are cases where /CFIDE/administrator/index.cfm may still resolve even if there is no folder there (or no virtual directory). You're going to have to explain how /CFIDE/administrator/index.cfm could resolve when the CFIDE mapping is pointing

RE: Hack - Further Information

2013-02-04 Thread Paul Vernon
That approach may work in some cases, but there are cases where /CFIDE/administrator/index.cfm may still resolve even if there is no folder there (or no virtual directory). You're going to have to explain how /CFIDE/administrator/index.cfm could resolve when the CFIDE mapping is

RE: Hack - Further Information

2013-02-04 Thread Russ Michaels
Check Charlie Arehart's blog, he did a lengthy post on this with links to several lockdown articles. Regards Russ Michaels www.michaels.me.uk www.cfmldeveloper.com - Free CFML hosting for developers www.cfsearch.com - CF search engine

Re: Hack - Further Information

2013-02-04 Thread Dave Watts
OK, now that you've done that: CF serves all sorts of pages that don't exist. You may read up in this very thread about CFCHART, which relies on a URL pattern that doesn't exist. CF relies on servlet mappings, which may or may not correspond with actual URLs. Typically, they do, but there

Re: Hack - Further Information

2013-02-04 Thread Bill Moniz
Great explanation Dave. Good to know. On 5 February 2013 11:21, Dave Watts dwa...@figleaf.com wrote: OK, now that you've done that: CF serves all sorts of pages that don't exist. You may read up in this very thread about CFCHART, which relies on a URL pattern that doesn't exist. CF