For continuous coverage, we push out a major Detectify update every two weeks, keeping our tool up to date with new findings, features and improvements sourced from our researchers and the Crowdsource ethical hacker community. Due to confidentiality agreements we cannot publicize every update release here, but they are added to our scanner immediately and are available to all users. This post highlights a few things we have improved in the last two weeks.

Exposed Yii Debugger

  • Yii is a PHP framework
  • It ships with a debug module (the yii2-debug toolbar) that is meant for development only
  • The debug pages expose every request made to the server, the environment variables and details about the OS
  • If misconfigured, the debug page is publicly reachable by anyone who knows its URL; the module is supposed to be loaded only in the dev environment and is restricted to local addresses through its allowedIPs setting, so a deployment that enables it in production or widens that list is the usual cause
  • Comparable to the Flask/Werkzeug debugger exposure that led to the Patreon breach

Serendipity Redirect

  • Serendipity is an open source PHP blogging platform
  • An unauthenticated open redirect exists in the platform
  • Can be used in attack chains to get hold of CSRF tokens, OAuth tokens or referrer data, because a victim can be sent from the trusted domain to an attacker-controlled one without noticing
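Open redirects like this one usually come from a handler that takes a "next" or "url" parameter and redirects to it verbatim. The function below is an added example of the check such a handler should apply; it is generic code written for this post, not Serendipity's own, and the allow-listed host name is a made-up placeholder. It accepts only absolute paths on the current site or http(s) URLs on an allow-listed host, and it refuses the classic bypasses (scheme-relative "//host", "///host", backslashes, userinfo tricks and control characters) rather than trying to normalise them the way a browser would.

```python
from urllib.parse import urlparse


def is_safe_redirect(target: str, allowed_hosts: frozenset) -> bool:
    """True only for a same-site absolute path or an http(s) URL on an allow-listed host."""
    if not target:
        return False
    # Browsers silently drop or tolerate control characters; a server that tries
    # to mimic that will get it wrong eventually, so refuse instead.
    if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in target):
        return False
    # Chrome and friends treat a backslash like a forward slash, so "/\evil.test"
    # becomes "//evil.test" on the client. Reject rather than normalise.
    if "\\" in target:
        return False
    parts = urlparse(target)
    if parts.scheme:
        # Absolute URL: only http(s), no userinfo trick ("https://good@evil"),
        # and the host (lower-cased, port stripped by urlparse) must be allowed.
        return (
            parts.scheme in ("http", "https")
            and parts.username is None
            and parts.hostname is not None
            and parts.hostname in allowed_hosts
        )
    # No scheme: must be an absolute path on this site. Both "//evil" and
    # "///evil" are scheme-relative to a browser even though urlparse only
    # fills netloc for the first, so check the raw string, not parts.netloc.
    return target.startswith("/") and not target.startswith("//")


def redirect_target(candidate: str, allowed_hosts: frozenset, default: str = "/") -> str:
    """Return the candidate if it is safe to redirect to, otherwise a fixed fallback."""
    return candidate if is_safe_redirect(candidate, allowed_hosts) else default


if __name__ == "__main__":
    # Placeholder host for the demo; a real deployment would use its own site names.
    hosts = frozenset({"blog.example.test"})
    for attempt in ["/account", "https://blog.example.test/post/1", "//evil.test/",
                    "///evil.test/", "/\\evil.test", "https://blog.example.test@evil.test/",
                    "javascript:alert(1)", "\t//evil.test/"]:
        print(f"{attempt!r:45} -> {redirect_target(attempt, hosts)}")
```

The fallback on failure is a fixed path, not an error page: a redirect endpoint that echoes the rejected value back in a message is a second place for the same parameter to do damage.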

Adobe Dreamweaver /dwsync.xml Exposure

  • Sites developed in Adobe Dreamweaver can carry a file called dwsync.xml (Dreamweaver's site synchronisation metadata, normally written into a _notes directory); it contains the full file and directory listing of the site as the developer sees it, including files that are never linked from any page
  • Can be used to map the site and pick targets for further attacks on the system, such as backups, configuration files and admin areas that would otherwise have to be guessed
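To show what an attacker (or a scanner) actually gets out of such a file, here is an added example that is not part of the original post: a small parser for dwsync.xml that pulls out every listed path and flags the ones worth probing first. The sample document is constructed for this post in the layout Dreamweaver writes (a dwsync root holding one file element per synced path, with name, server, local and remote attributes); the parser only relies on the name attribute, and the list of "sensitive" patterns is my own heuristic, not Detectify's.

```python
import xml.etree.ElementTree as ET
from dataclasses import dataclass

# Constructed sample; the host, paths and timestamps are made up for this example.
SAMPLE_DWSYNC = """<?xml version="1.0" encoding="utf-8"?>
<dwsync>
<file name="index.php" server="ftp.example.test//public_html/" local="130000000000000000" remote="130000000000000000" />
<file name="admin/login.php" server="ftp.example.test//public_html/" local="130000000000000000" remote="130000000000000000" />
<file name="includes/config.php" server="ftp.example.test//public_html/" local="130000000000000000" remote="130000000000000000" />
<file name="backup/site-2016.sql" server="ftp.example.test//public_html/" local="130000000000000000" remote="130000000000000000" />
<file name="old/index.php.bak" server="ftp.example.test//public_html/" local="130000000000000000" remote="130000000000000000" />
</dwsync>
"""

# Heuristic (mine, not Detectify's): names that usually mean the file was never
# meant to be served to visitors, or that front something worth attacking.
SENSITIVE_SUFFIXES = (".sql", ".bak", ".old", ".zip", ".tar.gz", ".env", ".ini", ".log")
SENSITIVE_FRAGMENTS = ("config", "backup", "admin", "private", "password")


@dataclass
class SyncedFile:
    path: str     # path relative to the site root, as Dreamweaver recorded it
    server: str   # remote server/root the file was synced to


def parse_dwsync(xml_text: str) -> list:
    """Return every path listed in a dwsync.xml document.

    ElementTree's expat parser does not fetch external entities, so a hostile
    dwsync.xml cannot turn this parser into an XXE/SSRF vector.
    """
    root = ET.fromstring(xml_text)
    if root.tag != "dwsync":
        raise ValueError(f"not a dwsync document (root element is <{root.tag}>)")
    return [
        SyncedFile(path=el.get("name"), server=el.get("server", ""))
        for el in root.iter("file")
        if el.get("name")
    ]


def flag_sensitive(files: list) -> list:
    """Pick out the paths an attacker would try first, preserving listing order."""
    hits = []
    for f in files:
        lower = f.path.lower()
        if lower.endswith(SENSITIVE_SUFFIXES) or any(frag in lower for frag in SENSITIVE_FRAGMENTS):
            hits.append(f.path)
    return hits


if __name__ == "__main__":
    listing = parse_dwsync(SAMPLE_DWSYNC)
    print(f"{len(listing)} paths listed; synced to {listing[0].server}")
    for p in flag_sensitive(listing):
        print("  worth probing:", p)
```

The server attribute is a bonus finding on its own: it tells you the FTP host and document root the developer deploys from, which is the kind of detail deploy.md files (below) also tend to leak.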

Apache Drill Exposure

  • “Schema-free SQL Query Engine for Hadoop, NoSQL and Cloud Storage”
  • Has a web interface (the Drill web console, on port 8047 by default)
  • Drill ships with authentication disabled; if the console is reachable without it, an attacker can run arbitrary queries against every data source the installation is connected to

Apache Drill Path Traversal

  • If authentication is not enabled, anyone who can reach the web console can also add or edit the storage plugin configuration
  • That lets an attacker point a file-system plugin at the local disk and query it, reading any file the Drill process account can read on the Apache Drill server

Markdown/deploy.md Exposure

  • Files ending with “.md” usually contain Markdown text, typically project documentation that was never meant to be served
  • A file named deploy.md usually contains deployment and configuration details
  • It gives an attacker information on how the service is deployed and managed: host names, paths, deployment commands and sometimes the accounts used

Liferay Portal SSRF

  • Liferay Portal is an enterprise CMS
  • Unauthenticated SSRF via XML-RPC (i.e. no credentials are needed)
  • An attacker can make the portal issue requests to services on the organisation's intranet that are not reachable from the outside
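The general defence against this class of bug, whatever the entry point, is to validate the destination of every server-side request before making it. The code below is an added example written for this post (it is not Liferay's code and says nothing about how the Liferay bug itself works): it resolves the target once, refuses anything that lands on a loopback, private, link-local or otherwise special address, including IPv4-mapped IPv6 forms, and hands back the validated IP so the caller can connect to that exact address instead of resolving again. The DNS table is a constructed stand-in so the example runs offline; real code would use socket.getaddrinfo at that point.

```python
import ipaddress
from urllib.parse import urlparse

# Constructed stand-in for DNS so the example runs offline. All names and
# addresses here are made up; 93.184.216.x is used as a plausible public range.
FAKE_DNS = {
    "wiki.example.test": ["93.184.216.34"],
    "intranet.corp.test": ["10.1.2.3"],
    # A rebinding-style record: one public answer, one loopback answer.
    "rebind.example.test": ["93.184.216.35", "127.0.0.1"],
}


def fake_resolve(host: str) -> list:
    """Offline resolver. A real one would call socket.getaddrinfo(host, None)."""
    return FAKE_DNS.get(host.lower(), [])


def is_internal(ip_text: str) -> bool:
    """True for any address an internet-facing service should never fetch from."""
    addr = ipaddress.ip_address(ip_text)
    # ::ffff:10.0.0.1 is a private IPv4 address wearing an IPv6 coat; unwrap it.
    mapped = getattr(addr, "ipv4_mapped", None)
    if mapped is not None:
        addr = mapped
    return (addr.is_private or addr.is_loopback or addr.is_link_local
            or addr.is_multicast or addr.is_reserved or addr.is_unspecified)


def check_outbound_url(url: str, resolver=fake_resolve) -> tuple:
    """Return (allowed, detail): detail is the pinned IP when allowed, else the reason."""
    parts = urlparse(url)
    if parts.scheme not in ("http", "https"):
        return False, f"scheme {parts.scheme!r} not allowed"
    host = parts.hostname
    if not host:
        return False, "no host in URL"
    try:
        # Literal address, including bracketed IPv6 such as http://[::1]/
        ips = [str(ipaddress.ip_address(host))]
    except ValueError:
        # Host name (or an odd spelling like 2130706433): resolve it exactly once.
        # With a real resolver the odd spellings come back as 127.0.0.1 and are
        # caught below; with none, we fail closed.
        ips = resolver(host)
    if not ips:
        return False, f"cannot resolve {host}"
    # Every answer must be acceptable, otherwise a rebinding record sneaks through.
    for ip in ips:
        if is_internal(ip):
            return False, f"{host} -> {ip} is an internal address"
    return True, ips[0]


if __name__ == "__main__":
    for target in ["http://wiki.example.test/page", "http://intranet.corp.test/",
                   "http://127.0.0.1:8080/", "http://[::1]/", "http://169.254.169.254/",
                   "http://rebind.example.test/", "http://[::ffff:10.0.0.1]/",
                   "file:///etc/passwd", "http://2130706433/"]:
        allowed, detail = check_outbound_url(target)
        print(f"{'ALLOW' if allowed else 'DENY ':5} {target:40} {detail}")
```

Connecting to the returned IP (and sending the original host name in the Host header) is what makes the check hold up against DNS rebinding; validating the name and then letting the HTTP library resolve it a second time reopens the hole. Redirects need the same treatment on every hop, since the first response can point at an internal address.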

Questions or comments on our latest security updates? Let us know in the comments below!

Begin a scan for the latest vulnerabilities today. Start a free trial with Detectify here!

Already have an account? Login to check your assets.

Detectify is a continuous web scanning and monitoring service that can be set up for automated scanning for 1000+ known vulnerabilities, including the OWASP Top 10. Check for the latest vulnerabilities!


