• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Macromedia ColdFusion MX Remote Development Service File Disclosure Vulnerability

A vulnerability has been reported for the RDS service that may allow an attacker to obtain unauthorized access to a data residing on a ColdFusion MX server. The vulnerability is due to the way that authentication is done when communicating with a ColdFusion MX server.

It is possible for a remote user to configure their web site properties to access files residing on the vulnerable server.

Any information obtained in this manner may be used by an attacker to launch further attacks against a vulnerable system.