Apr 29, 2014

ColdFusion Splendor - Released (Fingers Crossed)

ColdFusion Splendor (ColdFusion 11) was released yesterday:

http://blogs.coldfusion.com/post.cfm/announcing-the-launch-for-coldfusion-11-and-coldfusion-builder-3

I hope this will not be like CF 10, with bugs all around.

If the product is like CF 10 (not 10.0.1 ...), then we seriously have to look at the ColdFusion road map.

Also, please give the CF world some time between two product releases. I hope you understand what I am talking about.


Fingers crossed; I hope CF Splendor will be an awesome product for Adobe.
Right now, let's accept it and be proud of CF.

Welcome <cfSplendor>

Apr 26, 2014

ColdFusion Security Statistics Report 2014 - My look

The 2014 Website Security Statistics Report was released a few days ago. It gives a brief overview of the security issues found across all major web technologies.

Here are a few points from the report, and some care we need to take:

1. ColdFusion is the 5th most widely used language in the surveyed sites.
2. The main point in the report, and the one that makes me sad, is this: "10.59% of ColdFusion sites had at least one SQL Injection vulnerability, the highest among all Programming Languages".

Who is responsible?

Yes, we developers, who are not writing secure CFML code that stops SQL injection.
Not using cfqueryparam is simply not acceptable in the CF world.

Writing a parameterized query (every user-supplied value passed through <cfqueryparam> instead of being pasted into the SQL string) stops most SQL injection vulnerabilities. Please follow it. One caveat: cfqueryparam only binds values. A table or column name, or an ORDER BY column taken from the request, cannot be bound and has to be checked against an allowlist of known names instead.
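The following is an added example, not code from the original post, showing the difference against an in-memory SQLite table with constructed sample rows. find_user_vulnerable mirrors a <cfquery> with #form.username# concatenated into the SQL text; find_user_safe mirrors the same query written with <cfqueryparam value="#form.username#" cfsqltype="cf_sql_varchar">, where the value travels as a bound parameter and never becomes SQL. list_users_sorted covers the case parameters cannot handle, a column name, with an allowlist. The table, the rows and the PAYLOAD string are all constructed for illustration.

```python
import sqlite3

# Constructed sample data standing in for a CF site's user table
# (not taken from the original post or any real site).
def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, is_admin INTEGER)"
    )
    conn.executemany(
        "INSERT INTO users (username, is_admin) VALUES (?, ?)",
        [("alice", 0), ("bob", 0), ("admin", 1)],
    )
    return conn


def find_user_vulnerable(conn: sqlite3.Connection, username: str) -> list:
    """Mirrors <cfquery> with #form.username# pasted straight into the SQL text.

    The quote characters in the input become part of the statement, so the
    caller controls the WHERE clause.
    """
    sql = f"SELECT username FROM users WHERE username = '{username}'"
    return [row[0] for row in conn.execute(sql)]


def find_user_safe(conn: sqlite3.Connection, username: str) -> list:
    """Mirrors the same query with <cfqueryparam cfsqltype="cf_sql_varchar">.

    The driver sends the statement and the value separately; the value is
    compared as a string and can never change the statement's structure.
    """
    sql = "SELECT username FROM users WHERE username = ?"
    return [row[0] for row in conn.execute(sql, (username,))]


# Identifiers (column or table names) cannot be bound as parameters, in CFML
# or anywhere else. Validate them against a fixed allowlist instead.
ALLOWED_SORT_COLUMNS = {"id", "username"}


def list_users_sorted(conn: sqlite3.Connection, sort_column: str) -> list:
    if sort_column not in ALLOWED_SORT_COLUMNS:
        raise ValueError(f"unexpected sort column: {sort_column!r}")
    sql = f"SELECT username FROM users ORDER BY {sort_column}"
    return [row[0] for row in conn.execute(sql)]


# Classic tautology payload (constructed); it closes the quoted literal and
# appends an always-true condition.
PAYLOAD = "x' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", find_user_vulnerable(db, PAYLOAD))  # every row comes back
    print("safe:      ", find_user_safe(db, PAYLOAD))        # no row named "x' OR '1'='1"
    print("sorted:    ", list_users_sorted(db, "username"))
```

Run it and the vulnerable function returns all three users for the payload while the parameterized one returns none. The same split applies in CFML: cfqueryparam for values, an allowlist for identifiers, and no third option.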

3. XSS (46%), SQL injection (11%) and information leakage (24%) are the major concerns across all languages.

I hope we will write secure CFML code and protect our ColdFusion servers so that such vulnerabilities do not show up in future reports.


Apr 24, 2014

How a ColdFusion Server Allowed Data-Stealing IIS Malware to Be Installed

I was preparing for my company-level seminar on ColdFusion security this week and went through numerous blogs and slide decks to learn about recent ColdFusion attacks.

The one that interested me most is the IIS malware attack.

What is it?
How did the IIS malware get onto the server?

There are lots of questions to ask, but the root cause of this attack was a ColdFusion vulnerability that gave the attacker a backdoor.

Yes, if you leave your door open, someone will come in and steal data from your server.
Here the door is your ColdFusion server.

Let's walk through this IIS malware injection with a flow chart.

[Figure: Flow chart of IIS malware injection through the CF backdoor vulnerability]

The CF vulnerability let the attacker create a web shell on the server (a web shell is a type of remote access tool, or RAT, delivered as a backdoor file inside the web root). The web shell was then used to drop a DLL and register that DLL as a module in IIS, so it ran inside the IIS worker process on every request.

The injected DLL captured POST requests to one specific page, for example paymentProcess.cfm (the installer added this page while installing the DLL), and wrote the POST parameters to a log file for the attacker to collect later.

The specially designed DLL was also not detected by modern anti-virus.
Even SSL cannot stop this. The module sits inside IIS and sees the request after the server has already decrypted the SSL connection, so the POST body is plaintext by the time the DLL reads it. Encryption on the wire protects nothing once the attacker's code runs on the server.

This shows how important it is to read the ColdFusion Lockdown Guide. If you have already locked down your server, well and good. If not, go through the lockdown guide and lock your server down soon.

If you are not aware of the CF lockdown guide, please visit:
http://www.adobe.com/content/dam/Adobe/en/products/coldfusion/pdfs/cf10/cf10-lockdown-guide.pdf

I will follow up with another blog post detailing the recent CF vulnerabilities.

Hope this helps.