BlogCFC Issue: Admin security concerns
| Field | Value |
| --- | --- |
| Name | Admin security concerns |
| ID | 13 |
| Project | BlogCFC |
| Type | Enhancement |
| Area | Administration |
| Severity | Normal |
| Status | Closed |
| Related URL | |
| Creator | Shlomy Gantz |
| Created | 03/09/07 12:42 PM |
| Updated | 04/12/07 1:58 PM |
Description:

I just installed the latest version of BlogCFC and I found two security vulnerabilities in BlogCFC admin that combined create a serious threat.

Brute force login
-----------------
admin/application.cfm

I would add a wait period after failed login to prevent brute force attacks. Maybe something like: `<cfset createObject("java", "java.lang.Thread").sleep(500)>`

File manager
-----------
File manager is currently susceptible to directory traversal attacks, simply try `/blog/admin/filemanager.cfm?dir=../../`
History:

Created by shlomygantz (Shlomy Gantz) : 03/09/07 12:42 PM

Comment by cfjedimaster (Raymond Camden) : 03/09/07 1:14 PM
I can't believe I missed #2. It is fixed and will be deployed in a bit. I'll also post a security alert to my blog and blogcfc.com.
Can you talk a bit more about #1? This is just rapid hits with various u/p, right?

Comment by cfjedimaster (Raymond Camden) : 03/09/07 2:28 PM
Ok, I added both.

Comment by shlomygantz (Shlomy Gantz) : 03/10/07 7:07 AM
Yes... simply rapid hits waiting to get a response of success or failure. Since the code is open source it is easy to create a simple regex that looks for the correct response. The problem is really the combination of both issues that allows you to really cause some damage.

Updated by cfjedimaster (Raymond Camden) : 04/12/07 1:58 PM
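The two mitigations discussed in this ticket, containment of the file manager's `dir` parameter and a stall after failed admin logins, as an added illustration written for this page rather than BlogCFC's own fix; `UPLOAD_ROOT`, the function names and the backoff constants are assumptions, and the throttle generalises the reporter's fixed 500 ms sleep into a capped per-account exponential backoff.

```python
"""Defensive handling for the two issues in this BlogCFC ticket (example
code written for this page, not BlogCFC's fix; UPLOAD_ROOT, names and
constants are assumptions)."""
import os
from collections import defaultdict
from typing import Dict, Optional

# Assumed directory the admin file manager is allowed to browse.
UPLOAD_ROOT = "/var/www/blog/images"


def resolve_dir(root: str, requested: str) -> Optional[str]:
    """Map an untrusted ?dir= value onto a canonical path inside root.

    Returns None when the value would escape root, as the reported '../../'
    does; canonicalising first collapses '..', symlinks and odd separators.
    """
    root = os.path.realpath(root)
    # Leading separators are dropped so an absolute value cannot replace root.
    candidate = os.path.realpath(os.path.join(root, requested.lstrip("/\\")))
    # commonpath is a segment-wise test, so '/root_evil' is not confused
    # with '/root' the way a plain startswith() prefix check would be.
    if os.path.commonpath([root, candidate]) != root:
        return None
    return candidate


class LoginThrottle:
    """Per-account failed-login counter returning how long to stall the reply.

    The reporter suggested a fixed 500 ms sleep; doubling the delay on each
    consecutive failure (capped) slows rapid success/failure probing further,
    while a single honest typo costs only the base delay.
    """

    def __init__(self, base_delay: float = 0.5, max_delay: float = 30.0):
        self.base_delay = base_delay
        self.max_delay = max_delay
        self.failures: Dict[str, int] = defaultdict(int)

    def record_failure(self, username: str) -> float:
        """Count a failed attempt and return the delay (seconds) to apply."""
        self.failures[username] += 1
        delay = self.base_delay * 2 ** (self.failures[username] - 1)
        return min(delay, self.max_delay)

    def record_success(self, username: str) -> None:
        """A correct login clears the counter for that account."""
        self.failures.pop(username, None)
```

The caller sleeps for the returned delay before sending the failure response, so the page rendered to the client is unchanged while the probing rate drops.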