SCAN: Coldfusion Exampleapp Probe
This signature detects access to the exampleapp application that ships by default with some versions of ColdFusion. Attackers can use this application to gain control of a Web server.
Extended Description
Allaire Macromedia ColdFusion is a web application server. It supports quick development, publication and management of web content. By design, sample applications do not permit access from any other source than the ColdFusion server itself. A flaw exists in two sample applications which could enable a remote user to bypass this feature. Allowing the user to take any desired action including creating files, viewing files, or executing arbitrary commands on the target host.
Affected Products
Allaire coldfusion_server
Short Name
SCAN:MISC:HTTP:EXAMPLEAPP-PRB
Severity
Info
Recommended
False
Recommended Action
None
Category
SCAN
Keywords
CVE-2001-0535 Coldfusion Exampleapp Probe bid:3154
Release Date
04/22/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Rarely
Vendors
Allaire
CVSS Score
7.5