Severity: Medium
This attack could pose a moderate security threat. It does not require immediate action.
Description
This signature detects an attempt to overflow a buffer in the Macromedia ColdFusion server.
Additional Information
Macromedia has reported a buffer overflow condition in ColdFusion MX server when used with Microsoft IIS.
The Macromedia ColdFusion MX IIS ISAPI handler is prone to a remotely exploitable buffer overflow condition. The issue is due to a lack of bounds checking on requested filenames. It is possible to trigger the overflow by requesting a filename (with extension ".cfm") of length 4096 characters or greater.
For example:
GET /[buffer].cfm HTTP/1.0
According to Macromedia, an overrun also occurs if the "template filename" is greater than 8092 bytes in length.
At the very least, this condition may be exploited to cause a denial of IIS service. Macromedia has stated that exploitation may cause IIS to become unresponsive until it is manually restarted.
The overflow reportedly occurs in stack memory and may be trivially exploited to execute instructions on the target host. The instructions will run with the privileges of IIS.
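The length condition described above can be checked on the defensive side, in request logs or at a proxy. The following is an added example, not the signature's own logic or vendor code; the function names, the sample request lines and the choice to measure the percent-decoded path without its leading slash are assumptions.

```python
"""Flag HTTP request lines whose .cfm name reaches the length named in the advisory."""
import re
from urllib.parse import unquote

# From the advisory text: a ".cfm" filename of 4096 characters or greater.
CFM_NAME_LIMIT = 4096
# Method, request target, optional HTTP version.
REQUEST_LINE = re.compile(r"^([A-Z]+) (\S+)(?: HTTP/\d\.\d)?$")


def cfm_name_length(request_line):
    """Return the decoded length of a requested .cfm name, or None otherwise."""
    match = REQUEST_LINE.match(request_line.strip())
    if match is None:
        return None
    # Keep only the path: query string and fragment are not part of the name.
    path = re.split(r"[?#]", match.group(2), maxsplit=1)[0]
    # Assumption: length is counted after percent-decoding, over the whole
    # path without its leading slash (the page does not say which).
    name = unquote(path).lstrip("/")
    # Windows file names are case-insensitive, so ".CFM" must match as well.
    if not name.lower().endswith(".cfm"):
        return None
    return len(name)


def scan(request_lines, limit=CFM_NAME_LIMIT):
    """Return (line_number, name_length) for each request at or over the limit."""
    hits = []
    for number, line in enumerate(request_lines, start=1):
        length = cfm_name_length(line)
        if length is not None and length >= limit:
            hits.append((number, length))
    return hits


# Constructed sample request lines (not captured traffic).
SAMPLE = [
    "GET /index.cfm HTTP/1.0",
    "GET /" + "A" * 4092 + ".cfm HTTP/1.0",      # 4096 characters: at the limit
    "GET /" + "A" * 4091 + ".cfm HTTP/1.0",      # 4095 characters: below it
    "GET /" + "B" * 5000 + ".CFM?x=1 HTTP/1.1",  # upper-case extension, query string
    "GET /" + "C" * 5000 + ".html HTTP/1.0",     # long, but not a .cfm request
]

if __name__ == "__main__":
    for number, length in scan(SAMPLE):
        print(f"line {number}: .cfm name of {length} characters")
```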
Affected
- Macromedia ColdFusion Server MX Developer, MX Enterprise, MX Professional
Response
Macromedia has released a patch:
Macromedia ColdFusion Server MX Professional:
Macromedia Patch MPSB02-03.zip
Macromedia Patch MPSB02-05_Windows.zip
Macromedia Upgrade MPSB02-07_intel-win.zip
Macromedia Upgrade MPSB02-07_sparc-solaris.gz
Macromedia Upgrade MPSB02-07_intel-linux.gz
Macromedia Upgrade MPSB02-07_hpux.gz
Macromedia Upgrade wsconfig.jar
Macromedia Patch MPSB02-05_Windows
Macromedia Patch mpsb03-04.zip
Macromedia ColdFusion Server MX Developer:
Macromedia Patch MPSB02-03.zip
Macromedia Patch MPSB02-05_Windows.zip
Macromedia Upgrade MPSB02-07_intel-win.zip
Macromedia Upgrade MPSB02-07_sparc-solaris.gz
Macromedia Upgrade MPSB02-07_intel-linux.gz
Macromedia Upgrade MPSB02-07_hpux.gz
Macromedia Upgrade wsconfig.jar
Macromedia Patch MPSB02-05_Windows
Macromedia Patch mpsb03-04.zip
Macromedia ColdFusion Server MX Enterprise:
Macromedia Patch MPSB02-03.zip
Macromedia Patch MPSB02-05_Windows.zip
Macromedia Upgrade MPSB02-07_intel-win.zip
Macromedia Upgrade MPSB02-07_sparc-solaris.gz
Macromedia Upgrade MPSB02-07_intel-linux.gz
Macromedia Upgrade MPSB02-07_hpux.gz
Macromedia Upgrade wsconfig.jar
Macromedia Patch MPSB02-05_Windows
Macromedia Patch 48718.jar
Macromedia Patch mpsb03-04.zip





