Results 1 to 4 of 4
  1. #1
    Join Date
    Feb 2011
    Posts
    2
    Plugin Contributions
    0

    Default [no response] fail to adequately sanitize request strings

    My client received the warning below from a security site scan. The site uses version v1.3.9h.

    Are there any measures I can take to prevent this coming up as an issue?


    Description:

    The remote web server hosts cgi scripts that fail to adequately sanitize
    request strings. By leveraging this issue, an attacker may be able
    to execute arbitrary commands on the remote host.

    See Also:

    http://en.wikipedia.org/wiki/Code_injection
    http://projects.webappsec.org/OS-Commanding

    Risk Factor:

    High / CVSS Base Score : 7.5 (CVSS2#AV:N/AC:L/Au:N/C/I/A)

    Solution:

    Restrict access to the vulnerable application. Contact the
    vendor for a patch or upgrade.

    Output:

    Using the POST HTTP method, Site Scanner found that :
    + The following resources may be vulnerable to arbitrary command execution :
    /index.php?main_page=contact_us&action=send [contactname=echo%20NeS%20%2
    0SuS]
    -------- output --------
    <label class="inputLabel" for="contactname">Full Name:</label>
    <input type="text" name="contactname" value="echo NeS SuS" size=" [...]
    <label class="inputLabel" for="email-address">Email Address:</label>
    ------------------------
    Other references : CWE:78, CWE:77, CWE:20, CWE:74, CWE:713, CWE:722, CWE:727, CWE:741, CWE:751, CWE:801

  2. #2
    Join Date
    Jun 2003
    Location
    Newcastle UK
    Posts
    2,930
    Plugin Contributions
    4

    Default Re: fail to adequately sanitize request strings

    I really don't see how this can be considered a vulnerability.

    The test string they are using consists only of normal alpha characters and encoded spaces.

    Without more detail as to why they consider this a scan failure (apart from them pointing to wiki threads which bear no relation to the test they are doing ), not sure how we can help

  3. #3
    Join Date
    Jun 2003
    Location
    Newcastle UK
    Posts
    2,930
    Plugin Contributions
    4

    Default Re: fail to adequately sanitize request strings

    and just to reiterate , even their test output shows no vulnerability

    e.g.

    <input type="text" name="contactname" value="echo NeS SuS" size=" [...]

    the test string is contained within the value attribute as it should be.

  4. #4
    Join Date
    Feb 2011
    Posts
    2
    Plugin Contributions
    0

    Default Re: fail to adequately sanitize request strings

    Thank you for your prompt reply. I posted because I couldn't tell what the vulnerability was either. I shall post back here if more detail is provided to me.

 

 

Similar Threads

  1. Product Attributes FAIL Zen Cart/contractors FAIL - URGENT Need help, new contractor
    By PDub in forum Setting Up Categories, Products, Attributes
    Replies: 3
    Last Post: 16 Apr 2015, 07:07 AM
  2. v151 [Duplicate] IPv6 sanitize problem
    By pasi in forum Bug Reports
    Replies: 1
    Last Post: 1 Nov 2013, 03:23 AM
  3. DoExpressCheckoutPayment API request and response
    By tahiti amin in forum General Questions
    Replies: 1
    Last Post: 16 Apr 2013, 03:21 PM
  4. Sanitize contact form user input
    By betheone in forum General Questions
    Replies: 5
    Last Post: 17 Jan 2012, 03:33 PM
  5. API request and response.
    By stagebrace in forum PayPal Express Checkout support
    Replies: 5
    Last Post: 8 Dec 2008, 04:19 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg