SCAN: Coldfusion Start/Stop DoS
This signature detects access to the ColdFusion startstop.html file. Attackers stop the ColdFusion server.
Extended Description
When installing Caldera OpenLinux 2.2 using the LISA book disk an account with root privileges called "help" is created with no password. This account is not deleted from the system when installation is compleated nor is a password assigned to it. Anyone can logon into the system as "help" and obtain root privileges. This vulnerability only affect the LISA style of installation. The new Lizard (graphical) installation interface is not affected.
Affected Products
Caldera openlinux
References
BugTraq: 247
Short Name
SCAN:MISC:HTTP:START-STOP-DOS
Severity
Info
Recommended
False
Recommended Action
None
Category
SCAN
Keywords
Coldfusion DoS Start/Stop bid:247
Release Date
04/22/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Rarely
Vendors
Caldera