Jump to content

Recommended Posts

um do you want someone to beta test this site for exploits ???

 

Input Type Password Autocomplete Enabled

Password type input named pass from unnamed form with action ./process.php has autocomplete enabled. An attacker with local access could obtain the cleartext password from the browser cache.

The impact of this vulnerability

Possible sensitive information disclosure

How to fix this vulnerability

The password autocomplete should be disabled in sensitive applications. To disable autocomplete, you may use a code similar to: < INPUT TYPE="password" AUTOCOMPLETE="off" >

 

User credentials are sent in clear text

The impact of this vulnerability

A third party may be able to read the user credentials by intercepting an unencrypted HTTP connection.

How to fix this vulnerability

Because user credentials usually are considered sensitive information, it is recommended to be sent to the server over an encrypted connection.

 

 

Unfiltered Header Injection in Apache 1.3.34/2.0.57/2.2.1

This version of Apache is vulnerable to HTML injection (including malicious Javascript code) through "Expect" header. Until not it was not classed as security vulnerability as an attacker has no way to influence the Expect header a victim will send to a target site. However, according to Amit Klein's paper: "Forging HTTP request headers with Flash" there is a working cross site scripting (XSS) attack against Apache 1.3.34, 2.0.57 and 2.2.1 (as long as the client browser is IE or Firefox, and it supports Flash 6/7+). Affected Apache versions (up to 1.3.34/2.0.57/2.2.1). This vulnerability affects Web Server.

The impact of this vulnerability

Malicious users may inject JavaScript, not allowed, ActiveX, HTML or Flash to fool a user in order to gather data from them. An attacker can steal the session cookie and take over the account, impersonating the user. It is also possible to modify the content of the page presented to the user.

How to fix this vulnerability

Upgrade to the latest Apache versions. This flaw has been corrected in Apache versions (1.3.35/2.0.58/2.2.2)

Apache Mod_SSL SSL_Util_UUEncode_Binary Stack Buffer Overflow Vulnerability

This alert was generated using only banner information. It may be a false positive. A stack-based buffer overflow has been reported in the Apache mod_ssl module. This issue would most likely result in a denial of service if triggered, but could theoretically allow for execution of arbitrary code. The issue is not believed to be exploitable to execute arbitrary code on x86 architectures, though this may not be the case with other architectures. Affected mod_ssl versions (up to 2.8.17). This vulnerability affects mod_ssl.

The impact of this vulnerability

Denial of service and/or possible arbitrary code execution.

How to fix this vulnerability

Upgrade mod_ssl to the latest version.

 

Apache Mod_SSL Log Function Format String Vulnerability

This alert was generated using only banner information. It may be a false positive. A format string vulnerability has been found in mod_ssl versions older than 2.8.19. Successful exploitation of this issue will most likely allow an attacker to execute arbitrary code on the affected computer. Affected mod_ssl versions (up to 2.8.18).

This vulnerability affects mod_ssl.

The impact of this vulnerability

Denial of service and/or possible arbitrary code execution.

How to fix this vulnerability

Upgrade mod_ssl to the latest version.

Files listed in robots.txt but not linked

This file is listed in robots.txt but it's not linked anywhere in the site.

The impact of this vulnerability

Possible sensitive information disclosure.

 

How to fix this vulnerability

In robots.txt you should include only files or directories linked on the site.

 

 

Apache Mod_Rewrite Off-By-One

This alert was generated using only banner information. It may be a false positive.

 

Apache mod_rewrite is prone to an off-by-one buffer-overflow condition. The vulnerability arising in the mod_rewrite module's ldap scheme handling allows for potential memory corruption when an attacker exploits certain rewrite rules.

 

Affected Apache versions:

Apache 1.3.28 - 1.3.36 with mod_rewrite

Apache 2.2.0 - 2.2.2 with mod_rewrite

Apache 2.0.46 - 2.0.58 with mod_rewrite

 

 

This vulnerability affects Web Server.

The impact of this vulnerability

An attacker may exploit this issue to trigger a denial-of-service condition. Reportedly, arbitrary code execution may also be possible.

 

Attack details

Current version is Apache/1.3.34

 

How to fix this vulnerability

Upgrade Apache to the latest version.

 

 

 

GHDB: robots.txt file

The description for this alert is contributed by the GHDB community, it may contain inappropriate language.

 

Category : Files containing juicy info

 

Webmasters wanting to exclude search engine robots from certain parts of their site often choose the use of a robot.txt file on the root of the server. This file basicly tells the bot which directories are supposed to be off-limits. An attacker can easily obtain that information by very simply opening that plain text file in his browser. Webmasters should *never* rely on this for real security issues. Google helps the attacker by allowing a search for the "disallow" keyword.

This vulnerability affects /robots.txt.

The impact of this vulnerability

Not available. Check description.

 

Attack details

We found

(inurl:"robot.txt" | inurl:"robots.txt" ) intext:disallow filetype:txt

 

How to fix this vulnerability

Not available. Check description

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.