> I have tested a real site with ?Mode=debug. It works.
> close(soc);
> if("CF_TEMPLATE_PATH" >< r)
> {
> security_hole(port);
> exit(0);
> }
> So the vulnerability is notified just one time.
good point
>
> 2/ change the order of dirs ("/" in first) ???
> remove dir[7] = string(cgibin(), "/"); (no change to find a cf page there)
> is it necessary to test all those url ?
[7] should stay ... there is a still a cgi version of coldfusion
> 3/ add "httpver.nasl" in depedencies for virtual host request
done.
updated version is attached.
Regards,
Felix Huber
-------------------------------------------------------
Felix Huber, Security Consultant, Webtopia
Guendlinger Str.2, 79241 Ihringen - Germany
huberfelixat_private (07668) 951 156 (phone)
http://www.webtopia.de (07668) 951 157 (fax)
(01792) 205 724 (mobile)
-------------------------------------------------------
>
>
> Georges Dagousset
>
>
>
>
> ----- Original Message -----
> From: "Felix Huber" <huberfelixat_private>
> To: <plugins-writersat_private>; "Renaud Deraison"
> <deraisonat_private>
> Sent: Wednesday, November 07, 2001 4:46 PM
> Subject: New Script
>
>
> Hi everybody,
>
> just wrote a plugin for a ColdFusion Debug Bug
>
> You can try the script against this box:
> http://www.pit-stop.de/index.cfm
> http://www.pit-stop.de/index.cfm?Mode=debug
>
>
> Regards,
> Felix Huber
>
>
> -------------------------------------------------------
> Felix Huber, Security Consultant, Webtopia
> Guendlinger Str.2, 79241 Ihringen - Germany
> huberfelixat_private (07668) 951 156 (phone)
> http://www.webtopia.de (07668) 951 157 (fax)
> (01792) 205 724 (mobile)
> -------------------------------------------------------
>
>
>
This archive was generated by hypermail 2b30 : Wed Nov 07 2001 - 09:28:50 PST