Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » Cold Fusion web sites getting compromised
Search Topic:
Uniqs:
378		 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
Security Software Updates - 06 Jul 2009 »
« (topic move) Router session  
AuthorAll Replies
-


SnowyOne
Premium
join:2003-04-05
Kailua, HI		reply to Link Logger
Re: Cold Fusion web sites getting compromised

It's a good thing that the browser is responsible for the system.
Imagine if that task belonged to web content.
to forum · permalink · · 2009-07-07 06:10:35 · Reply to this


Link Logger
Premium,MVM
join:2001-03-29
Calgary, AB		reply to VikingBob
Its so easy to whack a truck load of websites it hurts, insert malware and all of a sudden its a browser problem.

Blake
to forum · permalink · · 2009-07-07 05:22:58 · Reply to this


VikingBob

join:2004-06-05
Ste Anne, MB		reply to VikingBob
Update from ISC: »isc.sans.org/diary.html?storyid=6730
to forum · permalink · · 2009-07-05 11:56:43 · Reply to this


VikingBob

join:2004-06-05
Ste Anne, MB
·MTS

  From »isc.sans.org/diary.html?storyid=6715

There have been a high number of Cold Fusion web sites being compromised in last 24 hours. We received several e-mails about this.

It appears that the attackers are exploiting web sites which have older installations of some Cold Fusion applications. These applications have vulnerable installations of FCKEditor, which is a very popular HTML text editor, or CKFinder, which is an Ajax file manager. The vulnerable installations allow the attackers to upload ASP or Cold Fusion shells which further allow them to take complete control over the server.

The attacks we've been seeing in the wild end up with inserted tags into documents on compromised web sites. As you can probably guess by now, the script tags point to a whole chain of web sites which ultimately serve malware and try to exploit vulnerabilities on clients.
to forum · permalink · · 2009-07-02 22:25:17 · Reply to this
Forums » Up and Running » Security » SecuritySecurity Software Updates - 06 Jul 2009 »
« (topic move) Router session  

Sunday, 06-Dec 04:49:44 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [163] Comcast Releasing Promised Usage Meter
· [147] Avast Antivirus Has Gone Mad
· [128] Comcast Makes NBC Universal Acquisition Official
· [124] The Bandwidth Hog Does Not Exist
· [105] Graduate Student Unveils Sprint's GPS Sharing With Feds
· [101] Google Invades ISP, OpenDNS Turf With Google Public DNS
· [85] FCC Ponders Moving From PSTN To IP Voice
· [82] Latest Consumer Reports Survey Not Kind To AT&T
· [80] New Bill Aims To Limit ETFs
· [75] Sprint Defuses GPS Privacy Media Bomb
Most people now reading
· [DNS] Google's public DNS... performance increases? [Comcast HSI]
· False positive in Avast! or is it real? [Security]
· Windows 7 boot manager editing questions [Microsoft Help]
· Is there any true cure for, or way to prevent, a hangover? [General Questions]
· DNS options, what are YOU using? [TekSavvy]
· Wife might have to work in.... Iowa for a few months!!! [General Questions]
· [Newsgroups] Newzleech down? [Filesharing Software]
· stone keepers shards [World of Warcraft]
· Port Forward through Docsis3 Gateway & Linksys RV042 [Comcast HSI]
· Maximizing Rogue DPS for ToC/ToGC (3.x) [World of Warcraft]