Allaire ColdFusion 4.5.1 Cached File Request DoS Vulnerability

Solution:
Allaire released patches on January 4, 2000 regarding potential information leakage by the CFCACHE tag which will also clear up this vulnerability. Allaire has also issued enhancement requests for ColdFusion Server which would include a default timeout in the <CFCACHE> tag, exposure of the timeout with a tag attribute, and setting the Administrative "Timeout requests after XX seconds" setting to "ON" by default.


Allaire ColdFusion Server 4.5.1


 

Privacy Statement
Copyright 2010, SecurityFocus