InfoSec Security Alert: Servers running ColdFusion

(ColdFusion 10, 9.0.2, 9.0.1 and 9.0 for Windows, Macintosh and UNIX)


An attack is currently underway against ColdFusion installs. It is very broad: the attackers are trying it on any server that Google shows as vulnerable. Basically, they are looking to own the world right now. Speculatively, they will come back later and look through the compromised servers to see if there is anything interesting. If you run ColdFusion, take a look at the advisory below and take the appropriate action. (This is CVE-2013-0625, CVE-2013-0629, CVE-2013-0631.)



An indicator that you have a problem is a file on your server named: h.cfm
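
One way to check for that indicator across all three supported platforms, as an added example (not part of the original alert or any vendor tooling): it walks the directories you pass in, matches the file name h.cfm regardless of case, and records size, modification time and SHA-256 for each hit. The directories to search and the script name find_hcfm.py are assumptions; the alert does not say where the file is placed.

```python
"""Triage helper: locate files named h.cfm and record metadata for follow-up."""
import hashlib
import os
import sys
from datetime import datetime, timezone

INDICATOR_NAME = "h.cfm"  # file name given in the alert


def sha256_of(path, chunk_size=65536):
    """Hash the file in chunks so large files are not read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def find_indicator(roots, name=INDICATOR_NAME):
    """Return one record per file under the given roots whose name matches.

    Matching ignores case (assumption: Windows and default macOS file
    systems are case-insensitive, so H.CFM names the same file there).
    """
    hits = []
    for root in roots:
        for dirpath, _dirs, files in os.walk(root):
            for filename in files:
                if filename.lower() != name.lower():
                    continue
                path = os.path.join(dirpath, filename)
                try:
                    info = os.stat(path)
                    modified = datetime.fromtimestamp(info.st_mtime, timezone.utc)
                    hits.append({"path": path, "size": info.st_size,
                                 "modified_utc": modified.isoformat(),
                                 "sha256": sha256_of(path)})
                except OSError as exc:
                    # Keep the hit even if the file cannot be read
                    hits.append({"path": path, "error": str(exc)})
    return hits


if __name__ == "__main__":
    # Usage: python find_hcfm.py <web-root> [<web-root> ...]
    results = find_indicator(sys.argv[1:])
    for hit in results:
        print(hit)
    sys.exit(1 if results else 0)
```

The exit status is 1 when at least one match is found, so the script can be run from a scheduled job that alerts on a non-zero result.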