ColdFusion DOS Device File Request System Information Disclosure Vulnerability

Bugtraq ID: 4542
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Apr 18 2002 12:00AM
Updated: Apr 18 2002 12:00AM
Credit: Discovered by Peter Gründl <pgrundl@kpmg.dk>.
Vulnerable: Allaire ColdFusion Server 5.0
- Cobalt Linux 5.0
- HP HP-UX 11.0
- Microsoft Windows 2000 Professional SP2
 - Microsoft Windows 2000 Professional SP1
 - Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0 SP6a
 - Microsoft Windows NT 4.0 SP6
 - Microsoft Windows NT 4.0 SP5
 - Microsoft Windows NT 4.0 SP4
 - Microsoft Windows NT 4.0 SP3
 - Microsoft Windows NT 4.0 SP2
 - Microsoft Windows NT 4.0 SP1
 - Microsoft Windows NT 4.0
 - Redhat Linux 7.0
- Sun Solaris 8_sparc
 - SuSE Linux 7.0
Allaire ColdFusion Server 4.5
- Cobalt Linux 5.0
- Cobalt Linux 5.0
- HP HP-UX 11.0
- HP HP-UX 11.0
- Microsoft Windows 2000 Professional SP2
 - Microsoft Windows 2000 Professional SP1
 - Microsoft Windows 2000 Professional SP1
 - Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows 98
- Microsoft Windows NT 4.0 SP6a
 - Microsoft Windows NT 4.0 SP6a
 - Microsoft Windows NT 4.0 SP6
 - Microsoft Windows NT 4.0 SP6
 - Microsoft Windows NT 4.0 SP5
 - Microsoft Windows NT 4.0 SP5
 - Microsoft Windows NT 4.0 SP4
 - Microsoft Windows NT 4.0 SP4
 - Microsoft Windows NT 4.0 SP3
 - Microsoft Windows NT 4.0 SP3
 - Microsoft Windows NT 4.0 SP2
 - Microsoft Windows NT 4.0 SP2
 - Microsoft Windows NT 4.0 SP1
 - Microsoft Windows NT 4.0 SP1
 - Microsoft Windows NT 4.0
 - Microsoft Windows NT 4.0
 - Redhat Linux 7.0
- Redhat Linux 7.0
- Sun Solaris 8_sparc
 - Sun Solaris 8_sparc
 - SuSE Linux 7.0
- SuSE Linux 7.0
Allaire ColdFusion Server 4.0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus