ColdFusion on IIS cfm/dbm Diagnostic Error Path Disclosure

Medium | Nessus Plugin ID 11393

Synopsis

An application running on the remote web server is affected by a path disclosure vulnerability.

Description

It was possible to make the remote web server disclose the physical path of its web root by requesting a nonexistent file named after a reserved MS-DOS device with a .dbm extension (as in nul.dbm). Because the name is mapped to the ColdFusion ISAPI extension, the request is passed to ColdFusion, and the diagnostic error page it returns includes the full filesystem path of the file it attempted to open. The .cfm mapping is affected in the same way.
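The probe below is an added example and is not the Nessus plugin's own code. It requests each reserved MS-DOS device name under both ColdFusion extensions and scans the response body for a Windows drive-letter path; the device list, the path regex and the sample error page are constructed for illustration, and the HTTP probe only runs when a base URL is passed on the command line, so the offline part runs stand-alone.

```python
"""Probe a ColdFusion-on-IIS host for the nul.dbm / nul.cfm path disclosure.

Added example, not part of Nessus plugin 11393. The heuristic (a Windows
absolute path appearing in the page returned for a reserved MS-DOS device
name) and SAMPLE_BODY are constructed for illustration.
"""
import re
import sys
import urllib.error
import urllib.request

# Reserved MS-DOS device names; any of them with a mapped extension works.
DOS_DEVICES = ("nul", "con", "aux", "prn", "com1", "lpt1")
EXTENSIONS = (".dbm", ".cfm")

# Windows absolute path: drive letter, colon, backslash, path components.
WIN_PATH_RE = re.compile(r"\b[A-Za-z]:\\(?:[^\\\s\"'<>|*?]+\\)*[^\\\s\"'<>|*?]*")


def probe_paths():
    """URL paths to request: every device name under every extension."""
    return [f"/{dev}{ext}" for dev in DOS_DEVICES for ext in EXTENSIONS]


def find_disclosed_paths(body: str):
    """Return the distinct Windows paths found in a response body, in order."""
    seen = []
    for m in WIN_PATH_RE.finditer(body):
        path = m.group(0).rstrip(".,;")
        if path not in seen:
            seen.append(path)
    return seen


def webroot_from_paths(paths, requested: str):
    """Strip the requested file name (e.g. 'nul.dbm') off a leaked path.

    Returns the directory portion, i.e. the web root, or None if no leaked
    path ends with that file name.
    """
    for path in paths:
        if path.lower().endswith("\\" + requested.lower()):
            return path[: -(len(requested) + 1)]
    return None


def probe(base_url: str, timeout: float = 10.0):
    """Request each probe path; return {url_path: [leaked paths]} for hits."""
    hits = {}
    for path in probe_paths():
        req = urllib.request.Request(base_url.rstrip("/") + path,
                                     headers={"User-Agent": "cf-path-check"})
        try:
            with urllib.request.urlopen(req, timeout=timeout) as resp:
                body = resp.read().decode("latin-1", "replace")
        except urllib.error.HTTPError as err:
            # The diagnostic page is often served with a 4xx/5xx status.
            body = err.read().decode("latin-1", "replace")
        except (urllib.error.URLError, OSError):
            continue
        leaked = find_disclosed_paths(body)
        if leaked:
            hits[path] = leaked
    return hits


# Constructed sample of the kind of diagnostic page the check looks for;
# the wording is illustrative, only the embedded path matters.
SAMPLE_BODY = """<html><body><h2>Error Occurred While Processing Request</h2>
<p>Error Diagnostic Information</p>
<p>File not found: C:\\Inetpub\\wwwroot\\nul.dbm</p>
</body></html>"""

if __name__ == "__main__":
    if len(sys.argv) > 1:
        for url_path, leaked in probe(sys.argv[1]).items():
            print(url_path, "->", leaked)
    else:
        leaked = find_disclosed_paths(SAMPLE_BODY)
        print(leaked, "web root:", webroot_from_paths(leaked, "nul.dbm"))
```

Run it as `python probe.py http://target` to test a host; with no argument it only exercises the matcher against the constructed sample. A path in the response is the only signal used, so a host that returns a generic 404 for nul.dbm is reported as clean.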

Solution

The vendor suggests turning on 'Check that file exists' for the ColdFusion application mappings. With this option set, IIS verifies that the requested file exists before handing the request to the ColdFusion ISAPI extension, so a request for a nonexistent name such as nul.dbm is answered by IIS with a 404 and never reaches the ColdFusion error handler that prints the path.

Windows 2000:
1. Open the Management console
2. Click on 'Internet Information Services'
3. Right-click on the website and select 'Properties'
4. Select 'Home Directory'
5. Click on 'Configuration'
6. Select '.cfm'
7. Click on 'Edit'
8. Make sure 'Check that file exists' is checked
9. Do the same for '.dbm'
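To verify the setting across many sites without clicking through the console, the script below audits a dump of the IIS metabase ScriptMaps list. It is an added example, not part of the plugin or of IIS. It assumes the entry format `ext,handler_path,flags,verbs` as printed by `adsutil.vbs GET W3SVC/1/ROOT/ScriptMaps`, and that the 'Check that file exists' checkbox corresponds to the flag bit 0x4 (MD_SCRIPTMAPFLAG_CHECK_PATH_INFO) while 'Script engine' is 0x1; the ColdFusion handler path in the sample is constructed.

```python
"""Audit IIS ScriptMaps entries for the 'Check that file exists' flag.

Added example, not part of Nessus plugin 11393 or of IIS. Input is the
ScriptMaps list as dumped by adsutil.vbs (one entry per line, optionally
quoted, "ext,handler_path,flags,verbs"). Flag values are the MD_SCRIPTMAPFLAG_*
bits; the handler path in SAMPLE_SCRIPTMAPS is constructed.
"""
from dataclasses import dataclass

SCRIPT_ENGINE = 0x1       # MD_SCRIPTMAPFLAG_SCRIPT: 'Script engine'
CHECK_FILE_EXISTS = 0x4   # MD_SCRIPTMAPFLAG_CHECK_PATH_INFO: 'Check that file exists'

COLDFUSION_EXTS = (".cfm", ".dbm")


@dataclass
class ScriptMap:
    ext: str
    handler: str
    flags: int
    verbs: str

    @property
    def checks_file_exists(self) -> bool:
        return bool(self.flags & CHECK_FILE_EXISTS)


def parse_scriptmaps(text: str):
    """Parse dump lines into ScriptMap records; non-entry lines are skipped."""
    maps = []
    for raw in text.splitlines():
        line = raw.strip().strip('"')
        if not line.startswith("."):
            continue  # header such as 'ScriptMaps : (LIST) (3 Items)'
        parts = line.split(",", 3)  # verbs may themselves contain commas
        if len(parts) < 3:
            raise ValueError(f"malformed ScriptMaps entry: {raw!r}")
        verbs = parts[3] if len(parts) > 3 else ""
        maps.append(ScriptMap(parts[0].lower(), parts[1], int(parts[2]), verbs))
    return maps


def missing_check(maps, exts=COLDFUSION_EXTS):
    """Extensions of interest that are mapped but lack CHECK_FILE_EXISTS."""
    return [m.ext for m in maps if m.ext in exts and not m.checks_file_exists]


def harden(maps, exts=COLDFUSION_EXTS):
    """Re-serialize the list with CHECK_FILE_EXISTS set on the given exts."""
    out = []
    for m in maps:
        flags = m.flags | CHECK_FILE_EXISTS if m.ext in exts else m.flags
        entry = f"{m.ext},{m.handler},{flags}"
        if m.verbs:
            entry += f",{m.verbs}"
        out.append(entry)
    return out


# Constructed dump: .asp already has the flag (5 = 1|4), the ColdFusion
# mappings only have 'Script engine' (1), which is the weak configuration.
SAMPLE_SCRIPTMAPS = """\
ScriptMaps : (LIST) (3 Items)
".asp,C:\\WINNT\\System32\\inetsrv\\asp.dll,5,GET,HEAD,POST,TRACE"
".cfm,C:\\CFUSION\\Bin\\iscf.dll,1,GET,HEAD,POST"
".dbm,C:\\CFUSION\\Bin\\iscf.dll,1,GET,HEAD,POST"
"""

if __name__ == "__main__":
    maps = parse_scriptmaps(SAMPLE_SCRIPTMAPS)
    print("missing 'Check that file exists':", missing_check(maps))
    print("hardened entries:")
    for entry in harden(maps):
        print(" ", entry)
```

The hardened entries can be written back with `adsutil.vbs SET W3SVC/1/ROOT/ScriptMaps` followed by the quoted entries; re-parsing the script's own output and finding no missing extensions is the check that the change took.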

See Also

http://www.nessus.org/u?3991a459

Plugin Details

Severity: Medium

ID: 11393

File Name: ColdFusion_path_disclosure.nasl

Version: 1.28

Type: remote

Family: CGI abuses

Published: 3/15/2003

Updated: 6/5/2024

Supported Sensors: Nessus

Enable CGI Scanning: true

Risk Information

VPR

Risk Factor: Low

Score: 1.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/a:allaire:coldfusion_server

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 4/18/2002

Reference Information

CVE: CVE-2002-0576

BID: 4542