0 Replies Latest reply on Nov 21, 2014 12:53 AM by Karthik Nathan

    Security Vulnerabilities

    Karthik Nathan Newbie

      Now our security team reported Following are the list of backlog items in terms of Security Vulnerabilities :   We need to find out which part of application code which causing these below issue. So do you have any advice about this issue ,  thanks !

       

      ·         CGI Generic Header Injection

      HTTP header injection is a vulnerability which occurs when HTTP headers are based on user input. Header injection in HTTP responses can allow HTTP response splitting and XSS attacks.The remote web server hosts CGIs that are vulnerable to 'header injection'. By leveraging this issue, an attacker may be able to poison a proxy cache, or trigger a cross-site scripting flaws and cause arbitrary HTML and script code to be executed in a user's browser within the security context of the affected site. Privilege escalation may be possible too, depending on the application.

      ·        

      ·         HTML Injections

      Hypertext Markup Language (HTML) injection, also sometimes referred to as virtual defacement, is an attack on a user made possible by an injection vulnerability in a web application. When an application does not properly handle user supplied data, an attacker can supply valid HTML, typically via a parameter value, and inject their own content into the page.

      ·         Cross Site Scripting Attack

      The remote web server hosts CGI scripts that fail to adequately sanitize request strings with malicious JavaScript. By leveraging this issue, an attacker may be able to cause arbitrary HTML and script code to be executed in a user's browser within the security context of the affected site. These XSS are likely to be 'non persistent' or 'reflected'.

       

      ·         Cookie Injection

      The remote web server hosts at least one CGI script that fails to adequately sanitize request strings with malicious JavaScript. By leveraging this issue, an attacker may be able to inject arbitrary cookies. Depending on the structure of the web application, it may be possible to launch a 'session fixation' attack using this mechanism.

      Thanks