Back in 1997, a nice big hole was found in Cold Fusion's server software.
One of the applications that automatically installed in the /cfdocs/
directory would allow anyone to read and upload files to the server. With a
little unique programming, a file could be sent over to the server allowing
full read-write capabilities for the entire NT machine. This file was
created and made available to the public. (see
http://www.l0pht.com/advisories/cfusion.txt)
Shortly after this was made public, (read: same day), the L0pht notified
the administrator of www. Army.mil that his Web site was vulnerable. They
fixed it. However, being the bright, computer savvy people they are, they
forgot to make similar changes for http://www.1.army.mil through
http://www4.army.mil. Oops.
Let's just say it was a target that a former Cold Fusion hacker couldn't
resist.
There were over 400 Web site defacements due to the Cold Fusion bugs and
all Allaire chose to do was issue a security bulletin to their "registered"
users. If a 15 year old high schooler can write a simple script to scan the
entire Web for servers vulnerable to this Cold Fusion hole, then Allaire
certainly could have done it and it would have been worth it to shell out
the extra money to pay someone to e-mail the administrators of each site
notifying them about the hole and explaining how to fix it.
So rather than being security-smart and defending their machines, the US
Army has decided to switch to an operating system they believe is secure
because of its limitations. Oops.
(See:
http://www.securityfocus.com/templates/archive.pike?list=1&date=1997-08-15&m
sg=v03110701b01ef9672ca7@[193.158.16.101)
-- B.K. DeLong Research Lead ZOT Group617.642.7149 bkdelong@zotgroup.com http://www.zotgroup.com