Vulnerabilities > CVE-2000-0538 - Unspecified vulnerability in Allaire Coldfusion Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
ColdFusion Administrator for ColdFusion 4.5.1 and earlier allows remote attackers to cause a denial of service via a long login password.
Vulnerable Configurations
Exploit-Db
description | ColdFusion Server 2.0/3.x/4.x Administrator Login Password DoS Vulnerability. CVE-2000-0538. Dos exploits for multiple platform |
id | EDB-ID:19996 |
last seen | 2016-02-02 |
modified | 2000-06-07 |
published | 2000-06-07 |
reporter | Stuart McClure |
source | https://www.exploit-db.com/download/19996/ |
title | ColdFusion Server 2.0/3.x/4.x - Administrator Login Password DoS Vulnerability |
Nessus
NASL family | CGI abuses |
NASL id | COLD_FUSION_ADMIN_DOS.NASL |
description | A denial of service vulnerability exists within the Allaire ColdFusion web application server (version 4.5.1 and earlier) which allows an attacker to overwhelm the web server and deny legitimate web page requests. By downloading and altering the login HTML form, an attacker can send overly large passwords (>40,0000 chars) to the server, causing it to stop responding. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 10581 |
published | 2000-12-19 |
reporter | This script is Copyright (C) 2000-2018 Matt Moore |
source | https://www.tenable.com/plugins/nessus/10581 |
title | Cold Fusion Administration Page Overflow DoS |
code |
|