Cold Fusion web sites getting compromised

Author	All Replies
VikingBob join:2004-06-05 Ste Anne, MB Reviews: ·MTS	Cold Fusion web sites getting compromised From »isc.sans.org/diary.html?storyid=6715 There have been a high number of Cold Fusion web sites being compromised in last 24 hours. We received several e-mails about this. It appears that the attackers are exploiting web sites which have older installations of some Cold Fusion applications. These applications have vulnerable installations of FCKEditor, which is a very popular HTML text editor, or CKFinder, which is an Ajax file manager. The vulnerable installations allow the attackers to upload ASP or Cold Fusion shells which further allow them to take complete control over the server. The attacks we've been seeing in the wild end up with inserted tags into documents on compromised web sites. As you can probably guess by now, the script tags point to a whole chain of web sites which ultimately serve malware and try to exploit vulnerabilities on clients.
	to forum · permalink · 2009-07-02 22:25:17 ·

VikingBob join:2004-06-05 Ste Anne, MB	Update from ISC: »isc.sans.org/diary.html?storyid=6730
	to forum · permalink · 2009-07-05 11:56:43 ·
Link Logger Premium,MVM join:2001-03-29 Calgary, AB kudos:3	reply to VikingBob Its so easy to whack a truck load of websites it hurts, insert malware and all of a sudden its a browser problem. Blake
	to forum · permalink · 2009-07-07 05:22:58 ·
Snowy mIRC unix.ro UnderNet Premium join:2003-04-05 Kailua, HI kudos:5	It's a good thing that the browser is responsible for the system. Imagine if that task belonged to web content.
	to forum · permalink · 2009-07-07 06:10:35 ·

Broadband Tech > Security > Security > Cold Fusion web sites getting compromised