
VikingBob

join:2004-06-05
Ste Anne, MB
·MTS

Cold Fusion web sites getting compromised

From »isc.sans.org/diary.html?storyid=6715

There have been a high number of Cold Fusion web sites being compromised in the last 24 hours. We received several e-mails about this.

It appears that the attackers are exploiting web sites which have older installations of some Cold Fusion applications. These applications have vulnerable installations of FCKEditor, which is a very popular HTML text editor, or CKFinder, which is an Ajax file manager. The vulnerable installations allow the attackers to upload ASP or Cold Fusion shells which further allow them to take complete control over the server.

The attacks we've been seeing in the wild end up with inserted <script> tags into documents on compromised web sites. As you can probably guess by now, the script tags point to a whole chain of web sites which ultimately serve malware and try to exploit vulnerabilities on clients.
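For site owners checking whether they are affected, the two symptoms described above (server-side files landing in editor upload folders, and script tags added to existing pages) can be audited with a short script. This is an added example, not part of the original post or the ISC diary; the `userfiles` folder name, the extension lists, the host allowlist and the sample tree are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path
from urllib.parse import urlparse

# Assumed for this example: extensions the server executes, and pages worth scanning.
SERVER_SIDE = {".cfm", ".cfml", ".cfc", ".asp", ".aspx"}
PAGES = {".htm", ".html", ".cfm", ".asp"}
SCRIPT_SRC = re.compile(r"<script\b[^>]*?\bsrc\s*=\s*[\"']?([^\"'\s>]+)", re.I)

def audit_webroot(webroot, upload_dirs, allowed_hosts):
    """Return (server-side scripts inside upload dirs, off-site script tags)."""
    root = Path(webroot)
    prefixes = [d.lower().strip("/") + "/" for d in upload_dirs]
    uploaded, offsite = [], []
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        rel = path.relative_to(root).as_posix()
        ext = path.suffix.lower()
        # Editor upload folders should hold only static content.
        if ext in SERVER_SIDE and any(rel.lower().startswith(p) for p in prefixes):
            uploaded.append(rel)
        if ext in PAGES:
            text = path.read_text(errors="ignore")
            for src in SCRIPT_SRC.findall(text):
                host = urlparse(src).hostname  # None for relative URLs
                if host and host.lower() not in allowed_hosts:
                    offsite.append((rel, host.lower()))
    return uploaded, offsite

def build_sample_site(base):
    """Constructed sample tree: one clean page, one tampered page, one stray upload."""
    base = Path(base)
    (base / "userfiles" / "image").mkdir(parents=True)
    (base / "index.cfm").write_text('<html><script src="/js/site.js"></script></html>')
    (base / "news.html").write_text(
        '<p>News</p><script src="http://cdn.invalid-example.test/a.js"></script>')
    (base / "userfiles" / "image" / "logo.gif").write_bytes(b"GIF89a")
    (base / "userfiles" / "image" / "report.cfm").write_text("<cfoutput>placeholder</cfoutput>")
    return base

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        found = audit_webroot(build_sample_site(tmp), ["userfiles"], {"www.example.com"})
        print("server-side files in upload dirs:", found[0])
        print("script tags loading from unlisted hosts:", found[1])
```

Any hit in the first list warrants treating the server as compromised; hits in the second list should be compared against a known-good copy of the page.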

VikingBob

join:2004-06-05
Ste Anne, MB

Re: Cold Fusion web sites getting compromised

Update from ISC: »isc.sans.org/diary.html?storyid=6730

Link Logger
Premium,MVM
join:2001-03-29
Calgary, AB
It's so easy to whack a truck load of websites it hurts, insert malware and all of a sudden it's a browser problem.

Blake

SnowyOne
Premium
join:2003-04-05
Kailua, HI

Re: Cold Fusion web sites getting compromised

It's a good thing that the browser is responsible for the system.
Imagine if that task belonged to web content.