A new wave of attacks is targeting web applications written with the ColdFusion development tool.
Researchers with the security group SANS said that it has received multiple reports of attacks targeting vulnerabilities in older versions of ColdFusion.
The attacks are said to target two components bundled with ColdFusion applications: the FCKEditor text editing tool and the CKFinder file management tool. Once an application is compromised, the attackers can take complete control of the targeted server.
"The attacks we've been seeing in the wild end up with inserted <script> tags in documents on compromised web sites," wrote SANS researcher Bojan Zdrnja in a blog post.
"As you can probably guess by now, the script tags point to a whole chain of
web sites which ultimately serve malware and try to exploit vulnerabilities on
clients."
Administrators are advised to make sure that all applications are fully updated and patched. SANS is also advising admins to search their web servers for any forgotten or discarded ColdFusion applications which may be vulnerable to attack.
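As an added, defender-side example (not code from the article or from SANS), the script below inventories a web root for ColdFusion templates and bundled FCKEditor/CKFinder directories, and lists externally sourced script tags for an analyst to review. It assumes the editor components sit in directories carrying their product names; the sample tree it scans is constructed in a temporary directory.

```python
import os
import re
import tempfile
from pathlib import Path

# Assumption: bundled FCKEditor/CKFinder installs keep the product name as a directory name.
EDITOR_DIRS = {"fckeditor", "ckfinder"}
# Matches <script ... src="http(s)://..."> and captures the external URL.
SCRIPT_SRC = re.compile(r"<script[^>]*\ssrc\s*=\s*[\"']?(https?://[^\"'\s>]+)", re.I)


def inventory_coldfusion(webroot):
    """Map each directory holding .cfm/.cfc templates or an editor install to
    {"cfm_files": count, "editor_dirs": [...]}, so forgotten apps stand out."""
    apps = {}
    for dirpath, dirnames, filenames in os.walk(webroot):
        cfm = [f for f in filenames if f.lower().endswith((".cfm", ".cfc"))]
        editors = sorted(d for d in dirnames if d.lower() in EDITOR_DIRS)
        if cfm or editors:
            rel = os.path.relpath(dirpath, webroot)
            apps[rel] = {"cfm_files": len(cfm), "editor_dirs": editors}
    return apps


def find_external_scripts(webroot, exts=(".cfm", ".html", ".htm", ".js")):
    """Return sorted (relative_path, src) pairs for every externally sourced
    <script> tag in served files; each is a candidate injection to review."""
    hits = []
    for path in Path(webroot).rglob("*"):
        if path.is_file() and path.suffix.lower() in exts:
            for src in SCRIPT_SRC.findall(path.read_text(errors="replace")):
                hits.append((str(path.relative_to(webroot)), src))
    return sorted(hits)


def build_sample_webroot(base):
    """Constructed sample: a live app, a forgotten app shipping FCKEditor, and an
    injected script tag pointing at a placeholder domain. Not real data."""
    files = {
        "shop/index.cfm": "<html><body>shop</body></html>",
        "old_intranet/index.cfm": '<html><script src="http://malicious.example/x.js"></script></html>',
        "old_intranet/fckeditor/fckeditor.js": "// editor bundle",
        "static/logo.png": "",
    }
    for rel, body in files.items():
        p = Path(base, rel)
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_text(body)


def run_demo():
    """Build the constructed tree, scan it, and return (inventory, script hits)."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_webroot(root)
        return inventory_coldfusion(root), find_external_scripts(root)


if __name__ == "__main__":
    apps, scripts = run_demo()
    for app, info in apps.items():
        print(f"{app}: {info['cfm_files']} template(s), editors={info['editor_dirs']}")
    for path, src in scripts:
        print(f"external script in {path}: {src}")
```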