Unit5Dis1
Vulnerabilities
1. Apache /2.2.8 is out of date
2. Number of sections in the version string differ from those in the database, the server reports: 5.2.4.45.2.117.98.117.110.116.117.5.10 while the database has: 5.2.8
3. PHP/5.2.4-2ubuntu5.10 appears to be outdated
4. /config/: Configuration information may be available remotely.
5. /index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests which contain specific QUERY strings.
What risks do they create?
1. Since version is out of date newer version could contain security patches needed to keep system safe. Also could correct security vulnerabilities in older version.
2. Since version is out of date newer version could contain security patches needed to keep system safe. Also could correct security vulnerabilities in older version.
3. Since version is out of date newer version could contain security patches needed to keep system safe. Also could correct security vulnerabilities in older version.
4. Config file is available remotely therefore someone could use this file to change configuration and gain access to the system.
5. Hacker could use this vulnerability to gain access to the system.
How can they be remediated?
1. Update the version.
2. Update the version.
3. Update the version.
4. Ensure that the config file is located behind the firewall.
5. The query strings need to be blocked or block the requests.
What practices should be used to prevent similar vulnerabilities?
All systems should be updated and patched regularly. Set up a regular scan schedule to ensure all systems are up to date.
What protective measures could be used if applications or servers could not be fixed?
If the applications cannot be patched or updated then alternative applications should be used and the vulnerable ones taken down. The servers should be taken down if not needed. Ensure that the servers/applications are isolated behind firewalls if they cannot be
1. Apache /2.2.8 is out of date
2. Number of sections in the version string differ from those in the database, the server reports: 5.2.4.45.2.117.98.117.110.116.117.5.10 while the database has: 5.2.8
3. PHP/5.2.4-2ubuntu5.10 appears to be outdated
4. /config/: Configuration information may be available remotely.
5. /index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests which contain specific QUERY strings.
What risks do they create?
1. Since version is out of date newer version could contain security patches needed to keep system safe. Also could correct security vulnerabilities in older version.
2. Since version is out of date newer version could contain security patches needed to keep system safe. Also could correct security vulnerabilities in older version.
3. Since version is out of date newer version could contain security patches needed to keep system safe. Also could correct security vulnerabilities in older version.
4. Config file is available remotely therefore someone could use this file to change configuration and gain access to the system.
5. Hacker could use this vulnerability to gain access to the system.
How can they be remediated?
1. Update the version.
2. Update the version.
3. Update the version.
4. Ensure that the config file is located behind the firewall.
5. The query strings need to be blocked or block the requests.
What practices should be used to prevent similar vulnerabilities?
All systems should be updated and patched regularly. Set up a regular scan schedule to ensure all systems are up to date.
What protective measures could be used if applications or servers could not be fixed?
If the applications cannot be patched or updated then alternative applications should be used and the vulnerable ones taken down. The servers should be taken down if not needed. Ensure that the servers/applications are isolated behind firewalls if they cannot be