CF8 and FCKEditor Security threat
A recent SANS posting identifies a vulnerability in some ColdFusion installations. It involves the richtext feature of cftextarea, which uses an open source application called FCKEditor. FCKEditor has functionality to handle file uploads and file management, but this feature should be disabled in the version embedded in CF server. The problem is that in some cases the connector that runs this feature is actually turned on.
Is your connector on? Go to:
CFIDE\scripts\ajax\FCKeditor\editor\filemanager\connectors\cfm
Look at config.cfm and see if the connector is on.
If left on, a hacker might be able to call the filemanager system directly to upload files and take control of the server. FCKEditor has a history of being exploited by this type of attack.
Solutions:
1) Turn off the connector so that the file management and file upload features can't work.
2) To be completely safe, delete the entire filemanager directory found under "CFIDE\scripts\ajax\FCKeditor\editor". The embedded version of FCKeditor for CF doesn't and really shouldn't use this feature. So removing those files completely is the safest thing to do. Be mindful that updates to CF might re-introduce those files and naturally re-open the problem.
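Because a CF update can put the files back, the check above is worth repeating after every patch. The following audit script is an added example, not code from the original post or from Adobe; it assumes the switch in config.cfm is written as a `Config.Enabled = true ;` assignment, and the sample configs it builds are constructed.

```python
import re
import tempfile
from pathlib import Path

# Directory and file named in the article, relative to the web root holding CFIDE.
FILEMANAGER = Path("CFIDE/scripts/ajax/FCKeditor/editor/filemanager")
CONFIG = FILEMANAGER / "connectors" / "cfm" / "config.cfm"

# Assumption: the switch is a `Config.Enabled = true|false ;` assignment.
ENABLED_RE = re.compile(r"\bConfig\.Enabled\s*=\s*(true|false|yes|no|1|0)\b", re.I)
# CFML, block and line comments, so a commented-out setting is not counted.
COMMENT_RE = re.compile(r"<!---.*?--->|/\*.*?\*/|//[^\n]*", re.S)

def connector_state(text):
    """Return 'on', 'off' or 'unknown' for the contents of config.cfm."""
    hits = ENABLED_RE.findall(COMMENT_RE.sub("", text))
    if not hits:
        return "unknown"  # no recognisable setting: review by hand
    # The last assignment in the file is the one that takes effect.
    return "on" if hits[-1].lower() in ("true", "yes", "1") else "off"

def audit(webroot):
    """Classify one web root: filemanager removed, or present with connector state."""
    root = Path(webroot)
    if not (root / FILEMANAGER).is_dir():
        return "filemanager removed"
    cfg = root / CONFIG
    if not cfg.is_file():
        return "filemanager present, config.cfm missing"
    return "filemanager present, connector " + connector_state(cfg.read_text(errors="replace"))

def demo():
    """Run the audit over constructed web roots (sample data, not real configs)."""
    samples = {
        "on": "<cfscript>\n// Config.Enabled = false ;\nConfig.Enabled = true ;\n</cfscript>\n",
        "off": "<cfscript>\nConfig.Enabled = false ;\n</cfscript>\n",
    }
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for name, text in samples.items():
            cfg = Path(tmp) / name / CONFIG
            cfg.parent.mkdir(parents=True)
            cfg.write_text(text)
            results[name] = audit(Path(tmp) / name)
        results["deleted"] = audit(Path(tmp) / "deleted")
    return results

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {verdict}")
```

On a real server, call `audit()` with the directory that contains CFIDE; any result other than "filemanager removed" means solution 2 has not been applied or has been undone.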




