Cold Fusion Vulnerability issue

Community Beginner, Dec 01, 2016

Hi all,

I am new to cold fusion and I am facing a problem which has been pointed out by our security team on an application written in cold fusion:

We have an application written in cold fusion, for which the login page is, let's say, the below -

https://xxx.com/vendor/index.cfm

Now, vendor is the root directory and it has subdirectories containing the cfm files. So if I go to https://xxx.com/vendor/common/abc.cfm, I am able to access the abc.cfm which is in the common folder inside the vendor directory. Now the problem is that if I go to https://xxx.com/vendor/common/, it shows me in the browser the list of files present in the common directory, which is not acceptable. I can see that putting index.cfm in the common folder resolves the problem by redirecting me to the index page. But since there are approximately 120 subdirectories, is there a better way to do this other than putting an index.cfm in every folder? I tried the missing page handler on the server console but no luck.

Any assistance will be greatly appreciated.

Correct answer by Amarnath88 | Community Beginner

I disabled directory browsing on IIS; that did the trick. Thanks a lot for your help!!!! If I see any issue, I will post again.

Adobe Employee, Dec 01, 2016

Hi,

If I understood the problem correctly, then you have directory browsing enabled at the webserver. First please disable it and then check it.

Thanks,

Priyank

Thanks,
Priyank Shrivastava

Community Beginner, Dec 01, 2016

Hi Priyank,

Thanks for the reply.

I tried the following -

Going to C:\ColdFusion10\cfusion\runtime\conf\web.xml and changing the value of the listings parameter -

<servlet>
    <servlet-name>default</servlet-name>
    <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
    <init-param>
        <param-name>debug</param-name>
        <param-value>0</param-value>
    </init-param>
    <init-param>
        <!-- secure profile disable start -->
        <param-name>listings</param-name>
        <param-value>false</param-value>
        <!-- secure profile disable end -->
        <!-- secure profile enable start
        <param-name>listings</param-name>
        <param-value>false</param-value>
        secure profile enable end -->
    </init-param>
    <load-on-startup>1</load-on-startup>
</servlet>

I changed the listing from true to false, but no luck so far.

Community Beginner, Dec 01, 2016

I disabled directory browsing on IIS; that did the trick. Thanks a lot for your help!!!! If I see any issue, I will post again.

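As an added example, not code from this thread or from Adobe, the script below does the check the original poster's security team would want after the IIS change: it enumerates every subdirectory under a local copy of the webroot (the thread mentions roughly 120 of them) and requests each directory URL once, without following redirects, flagging any 200 response whose body looks like an auto-generated IIS or Tomcat index page. Two caveats worth stating. The web.xml under cfusion\runtime\conf configures ColdFusion's built-in Tomcat web server, so its listings parameter never affects a request that IIS answers itself; in the usual wsconfig setup only the ColdFusion extensions (.cfm, .cfc and so on) are forwarded to Tomcat, and a bare directory URL with no default document is served by IIS's own directory-browse module, which is why the IIS setting was the one that mattered here. If the built-in web server is also reachable, run the same scan against it. The IIS fix can be pinned in the site's web.config as `<directoryBrowse enabled="false" />` under `<system.webServer>`; with it off and no default document present, IIS answers 403 (sub-status 403.14) instead of listing. The host xxx.com, the webroot path and the sample response bodies are assumptions or constructed data.

```python
"""
Directory-listing check for a ColdFusion site behind IIS (added example).
Assumptions (not from the thread): the site lives at https://xxx.com/vendor,
a local copy of the 'vendor' webroot is available for enumerating folders,
and the sample HTML bodies below are constructed, not captured.
"""
import os
import re
import tempfile
import urllib.error
import urllib.request
from typing import Callable, Dict, List, Tuple

# Signatures of auto-generated index pages from common web servers.
LISTING_MARKERS = (
    re.compile(r"\[To Parent Directory\]", re.I),        # IIS directoryBrowse
    re.compile(r"<title>[^<]* - /[^<]*</title>", re.I),  # IIS title: "host - /path/"
    re.compile(r"Directory Listing For", re.I),          # Tomcat DefaultServlet
    re.compile(r"<title>Index of /", re.I),              # Apache mod_autoindex
)

# Constructed sample bodies: an IIS listing and an ordinary application page.
IIS_LISTING = (
    "<html><head><title>xxx.com - /vendor/common/</title></head><body>"
    "<H1>xxx.com - /vendor/common/</H1><hr><pre>"
    '<A HREF="/vendor/">[To Parent Directory]</A><br><br>'
    '12/1/2016 9:00 AM 1234 <A HREF="/vendor/common/abc.cfm">abc.cfm</A><br>'
    "</pre><hr></body></html>"
)
LOGIN_PAGE = "<html><head><title>Vendor Portal - Login</title></head><body>login form</body></html>"


def enumerate_dirs(webroot: str) -> List[str]:
    """Return the URL path of webroot and of every subdirectory, each ending in '/'."""
    paths = []
    for dirpath, dirnames, _files in os.walk(webroot):
        dirnames.sort()  # deterministic order
        rel = os.path.relpath(dirpath, webroot)
        paths.append("/" if rel == "." else "/" + rel.replace(os.sep, "/") + "/")
    return paths


def classify(status: int, body: str) -> str:
    """'listing' = auto-index served; 'page' = a real document; else redirect/blocked/other."""
    if status == 200:
        return "listing" if any(m.search(body) for m in LISTING_MARKERS) else "page"
    if 300 <= status < 400:
        return "redirect"   # e.g. bounced to the login page: acceptable
    if status in (401, 403, 404):
        return "blocked"    # IIS gives 403.14 when directoryBrowse is off and no default doc
    return "other"


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None  # surface 3xx as HTTPError rather than following it


def fetch(url: str, timeout: float = 10.0) -> Tuple[int, str]:
    """GET one URL without following redirects; return (status, first 64 KiB of body)."""
    opener = urllib.request.build_opener(_NoRedirect)
    req = urllib.request.Request(url, headers={"User-Agent": "dirlist-check"})
    try:
        with opener.open(req, timeout=timeout) as resp:
            return resp.status, resp.read(65536).decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, err.read(65536).decode("utf-8", "replace")


def scan(base_url: str, paths: List[str],
         fetcher: Callable[[str], Tuple[int, str]] = fetch) -> Dict[str, str]:
    """Request every directory URL and classify the response."""
    base = base_url.rstrip("/")
    return {p: classify(*fetcher(base + p)) for p in paths}


def demo() -> Dict[str, str]:
    """Run the scan against a constructed site instead of the network."""
    fake_site = {
        "/": (200, LOGIN_PAGE),          # index.cfm present
        "/common/": (200, IIS_LISTING),  # no index.cfm and directoryBrowse still on
        "/common/js/": (403, ""),        # directoryBrowse off: IIS 403.14
        "/admin/": (302, ""),            # application redirects to login
    }
    base = "https://xxx.com/vendor"

    def fake_fetch(url: str) -> Tuple[int, str]:
        return fake_site[url[len(base):]]

    with tempfile.TemporaryDirectory() as root:  # throwaway stand-in for the webroot copy
        for sub in ("common/js", "admin"):
            os.makedirs(os.path.join(root, sub))
        paths = enumerate_dirs(root)  # ['/', '/admin/', '/common/', '/common/js/']
    return scan(base, paths, fetcher=fake_fetch)


if __name__ == "__main__":
    for path, verdict in demo().items():
        print(f"{verdict:8s} {path}")
    # Real run (assumed paths):
    # scan("https://xxx.com/vendor", enumerate_dirs(r"C:\inetpub\wwwroot\vendor"))
```

Anything reported as "listing" is a folder the fix did not cover; "redirect" and "blocked" are the expected outcomes for folders without an index.cfm, and "page" means a default document was served. Redirects are deliberately not followed, so a bounce to the login page is recorded as such rather than being judged by the login page's content.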
Adobe Employee, Dec 01, 2016

Hi,

Glad that did the trick, could you please mark the answer correct.

Thanks,

Priyank

Thanks,
Priyank Shrivastava

Community Beginner, Dec 01, 2016

Did it, thanks again!

Explorer, Dec 01, 2016

Your security team must not know an arse from an elbow if they did not know how to turn off directory browsing.

I'd seriously consider a full security audit of your OS, web server, CF server and code.

Also, it has been "ColdFusion" - one word - for close to two decades now...
