ColdFusion Zero day vulnerability : Remote File Disclosure of Password Hashes


Yesterday Blackhatacademy Released Fully automated MySQL5 boolean based enumeration tool. Today Another post expose the most critical ColdFusion vulnerability affects about a tenth of all ColdFusion servers at the present. It chains together multiple exploits, and it provides a 30 second window into the Administrator panel. The ColdFusion Administrator panel can then be used to write out a shell.
cybersecurity

ColdFusion Markup Language is an interpreted language utilizing a Java backend. It allows direct access to Java via its cfscript tags, while simultaneously offering a simple web wrapper. It is vulnerable to a variety of attacks, but mainly LFD and SQLi. ColdFusion scripts are commonly run as an elevated user, such as NT-Authority\SYSTEM (Windows) or root (Linux), making them especially susceptible to web-based attacks.

Patching a ColdFusion instance from the LFD->Bypass->RCE exploit can only be done on ColdFusion 8. No other versions can be patched. That being said, the official Adobe patch can be downloaded here.

Found this article interesting? Follow THN on Facebook, Twitter and LinkedIn to read more exclusive content we post.