Hello Forum Members,
I am currently in the process of certifying one of my servers to be PCI Compliant. I have resolved all of the reported security vulnerabilities except the following:
I am having the "help.php" problem with ports 2083, 2053, 8443, 2087, 2096.
What would you recommend I do to prevent this vulnerability and pass the PCI Compliance scan?
I am currently in the process of certifying one of my servers to be PCI Compliant. I have resolved all of the reported security vulnerabilities except the following:
Code:
Security Warning found on port/service "www (2096/tcp)"
Status
Fail (This must be resolved for your device to be compliant).
Plugin
"TrustPort WebFilter help.php hf Parameter Directory Traversal"
Category
"CGI abuses "
Priority
"Medium Priority
Synopsis
The remote web server hosts a PHP script that can be abused to disclose
the contents of arbitrary files.
Description
The TrustPort WebFilter administration console install listening on
this port fails to sanitize user input to the 'hf' parameter of the
'help.php' script before using it to return the contents of a file.
An unauthenticated, remote attacker can leverage this issue to view
arbitrary files on the remote host.
See also:
http://www.securityfocus.com/archive/1/527826/30/0/threaded
Risk factor
MEDIUM / CVSS BASE SCORE :5.0 CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N
Plugin
output
Nessus was able to obtain the contents of 'windows/win.ini' with the
following request :
https://mydomain.net:2096/help.php?hf=Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4v
Li4vLi4vLi4vLi4vd2luZG93cy93aW4uaW5pWhat would you recommend I do to prevent this vulnerability and pass the PCI Compliance scan?
