Search the Site

 

Top
Blog

My Social
Services
Meta
Powered by Squarespace

Entries in Coldfusion (5)

Thursday
Aug192010

Adobe Coldfusion 8 and 9 Vulnerable to Hijacking

DateThursday, August 19, 2010 at 12:09

Adobe released a security bulletin regarding the Coldfusion web engine. Upgrade / patch your Coldfusion server if you like to stay in control of your webserver. The patch has been classified as important.

An important vulnerability has been identified in ColdFusion 8.0, 8.0.1, 9.0, 9.0.1 for Windows, Macintosh and UNIX. This directory traversal vulnerability could lead to information disclosure (CVE-2010-2861). Adobe has provided a solution to the reported vulnerability. It is recommended that users update their product installation using the instructions provided above.

The patch/update get be downloaded here.

AuthorWillem | CommentPost a Comment |
tagged , , in ,
Thursday
Jul012010

Installing Adobe Coldfusion 9 on OSX Server 10.6.4

DateThursday, July 1, 2010 at 17:06

Updated on Tuesday, July 20, 2010 at 11:08 by Registered CommenterWillem

Updated on Friday, July 30, 2010 at 7:53 by Registered CommenterWillem

After Apple updated the Mac mini to it's current form (mid 2010), I decided that it was time to start replacing my 'faithful' Windows 2003 server with something a bit less power consuming. The original Mac Mini was basically a consumer device, but a while back, Apple released a server version of the device. The main differences are:

  • Only 1 CPU model available (2.66GHz at this moment)
  • No DVD drive
  • 2 * 500GB internal disks
  • OSX 10.6.4 Server edition (unlimited clients)

Basically everything you could ever need for a server with a very small footprint.

The installation of Coldfusion is not straight forward. Not that I expected it to be [1], [2], [3], but one keeps hoping on an installer that actually installs the complete package, and where you don't have to edit files yourself to get it to work. It's not that it's the very first version of the scripting engine......

Anyway, the installer guides you through everything needed to INSTALL the software. Getting it to work comes next....

Click to read more ...

AuthorWillem | Comment11 Comments |
tagged , , , , in , ,
Thursday
Apr012010

Adobe Coldfusion 9 on CentOS 5.4 (x64)

DateThursday, April 1, 2010 at 7:15

Updated on Monday, April 5, 2010 at 18:53 by Registered CommenterWillem

A while back I figured out how to install Adobe (could have been Macromedia back then) Coldfusion MX on an Ubuntu linux server. This config still runs as it should, but in the mean time several things have changed in the world of software. I've been leaning towards Centos 5.4, and Adobe released Coldfusion 9 somewhere in 2009. These two 'events' made me decide to combine the two.

Before I continue, I must warn you that the Coldfusion installer is still broken..... So there's some manipulation of code involved.

Since the new 'server' is going to run in a virtual environment I started in a VMWare Workstation. This way I could make snapshots of my progress. This made it easier to start from scratch. The problem with Linux and me is that I tend to reinstall the OS when things go haywire. So VMWare is a safe way out in this case.

Click to read more ...

AuthorWillem | Comment5 Comments |
tagged , , , , , in , , ,
Wednesday
Aug272008

Undocumented Coldfusion Ports

DateWednesday, August 27, 2008 at 13:27

After running 'chkrootkit' on one of my Ubuntu server at work, I got a responds:

Checking `bindshell'... INFECTED (PORTS:  4000)

A message which started a 'mild' shiver across my back, because the rootkit checker just reported that one of the processes on the server could be compromised.

First I took the server of the network. Just to make sure. After that I searched the Internet for a possible explaination. Nothing substancionally. until I found the following command to see what is occupying the port.

sudo netstat -e -p -n -a | grep 4000

This gave me the following result:

udp6       0      0 :::4000                 :::*
65534      13886      4739/coldfusion8

So it seems that Adobe Coldfusion is using this port. But this can't be found in any of the official Adobe Coldfusion documentation. There are some (blog)posts related to this, but nothing more.

AuthorWillem | CommentPost a Comment |
tagged , , in , , ,
Saturday
May102008

Adobe Coldfusion MX on Ubuntu Server

DateSaturday, May 10, 2008 at 12:15

Ever since I went 'Apple', the urge of moving away from Microsoft Windows operating systems is getting bigger and bigger. A couple of weeks ago I installed a two Ubuntu servers (v7.x) at work. Mainly for testing , and educational purposes.
The installation went extremely smooth on old Compaq ML370 server hardware. So, as a test I tried to install Adobe Coldfusion MX (Coldfusion 8 ) on the Ubuntu server (with Apache, and MySQL).

There are several postings on the Internet suggesting that it should be possible. Even though Ubuntu isn't on the supported platforms list for Adobe Coldfusion MX.

Click to read more ...

AuthorWillem | Comment1 Comment |
tagged , , , , in , , ,