For continuous coverage, we push out major Detectify security updates every two weeks, keeping our tool up to date with new findings, features and improvements sourced from our security researchers and the Crowdsource ethical hacker community. Due to confidentiality agreements, we cannot publicize every security update here, but all of them are added to our scanner immediately and are available to all users. This post highlights a few of the things we have improved in the last two weeks.
The following are some of the security vulnerabilities reported by Detectify Crowdsource ethical hackers. We added these tests to the Detectify scanner tool on 4 October.
Iframe buster DOM-XSS
Iframe busters used by several advertising networks were found to be vulnerable to DOM-based XSS. This means that every website hosting one of the affected iframe busters is itself vulnerable to XSS. In a recent query of the most popular websites, we found that 2% of them were vulnerable.
More details about that can be found here.
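To make the class of bug concrete, here is an added example (not Detectify's code and not any advertising network's actual iframe buster) of the pattern behind these findings: a buster script takes the creative's URL from the page URL fragment and writes it straight into markup, so whoever controls the link controls the DOM. The hardened version next to it parses the value as a URL, checks its origin against an allowlist (the `ALLOWED_ORIGINS` entry is a made-up hostname) and HTML-escapes it before insertion. The functions return markup strings rather than touching `document` so the logic runs outside a browser.

```javascript
// Added example: simplified iframe-buster logic, vulnerable and hardened.
// Real busters run inside an ad iframe and read the creative URL from the
// page URL; that is where untrusted input reaches the DOM.

// Parse "#key=value&key2=value2" (or "?...") into an object.
function parseParams(fragment) {
  const out = {};
  for (const pair of fragment.replace(/^[#?]/, "").split("&")) {
    if (!pair) continue;
    const [k, v = ""] = pair.split("=");
    out[decodeURIComponent(k)] = decodeURIComponent(v);
  }
  return out;
}

// Vulnerable pattern: the attacker-controlled value is concatenated into HTML.
function vulnerableBusterMarkup(fragment) {
  const p = parseParams(fragment);
  return '<iframe src="' + p.url + '"></iframe>';
}

// Hypothetical allowlist of origins the buster is permitted to load.
const ALLOWED_ORIGINS = new Set(["https://cdn.example-ads.test"]);

const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function escapeHtml(s) {
  return s.replace(/[&<>"']/g, (c) => HTML_ESCAPES[c]);
}

// Hardened pattern: reject anything that is not an absolute URL on an
// allowlisted origin, then escape the normalised URL before it enters markup.
// Returns null when the input must not be rendered.
function safeBusterMarkup(fragment) {
  const p = parseParams(fragment);
  let u;
  try {
    u = new URL(p.url || "");
  } catch (e) {
    return null; // not an absolute URL (also catches raw HTML payloads)
  }
  if (!ALLOWED_ORIGINS.has(u.origin)) return null; // covers javascript:, data:, foreign hosts
  return '<iframe src="' + escapeHtml(u.href) + '"></iframe>';
}

module.exports = { parseParams, vulnerableBusterMarkup, safeBusterMarkup, escapeHtml };
```

The point of the `new URL` step is that the check happens on the parsed origin, not on the raw string, so scheme tricks and host lookalikes are judged the way the browser will judge them. The escaping step is still needed because a perfectly valid URL can contain a `"` after percent-decoding elsewhere in the pipeline.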
CVE-2017-1000499: phpMyAdmin CSRF
Older versions of phpMyAdmin contain a CSRF vulnerability: an attacker can send a crafted link to a user who is logged in to phpMyAdmin and, when the user opens it, force their session to execute SQL commands. This can in turn be used to upload files and thereby take over the server.
CVE-2010-2032: Caucho Resin XSS
The Caucho Resin admin interface has a page with several reflected XSS vulnerabilities, exploitable without logging in.
This is a few years old, but the researcher discovered that several websites are still vulnerable to it, which is why we decided to implement the test.
The plugin logs a large amount of information to a publicly accessible log file. This includes error messages and path disclosure and, depending on the circumstances, may contain other sensitive information as well.
WordPress wp-license.php Backdoor
This is not a vulnerability per se, but rather a backdoor left behind by a previous attack. This backdoor appears to be commonly used in recent attacks.
The backdoor has no authorization at all, meaning anyone can use it to execute code on the server. That is a problem in itself, but it is also evidence that the server has already been compromised.
Nagios Network Status Exposure
Nagios is a network monitoring tool used by many large organizations. It is intended for internal use, but developers sometimes expose it to the internet. As no authorization is required, anyone can access it and thereby obtain information that was only intended for internal use.
Umbraco Directory Listing
Umbraco creates a few folders that, according to its documentation, should be locked down. However, security through documentation does not always work, since not everyone reads everything, which means there are vulnerable instances out there.
Questions or comments on our latest security updates? Let us know in the section below.
Begin a scan for the latest vulnerabilities today. Start a free trial with Detectify here!
Already have an account? Login to check your assets.
Detectify is a continuous web scanning and monitoring service that can be set up for automated scanning for 1000+ known vulnerabilities, including the OWASP Top 10. Check for the latest vulnerabilities!