Hi,
Our company website (www.acuigen.com) is currently using DNN version 08.00.00 (809). We host the site using IIS 8.5.
Recently we had a full external IP scan done using Nessus and it came back with some Low/Medium results for the website. As I don't have much knowledge of web development issues or how to fix them, it would be fantastic if some experts could have a look at these and give some support/solutions. I have access to the SuperUser account and I'm looking to remediate these issues ASAP.
1. CGI Generic HTML Injections (quick test)
Test ID: 49067
Severity: 2 / Medium
Description:
The remote web server hosts CGI scripts that fail to adequately sanitize request strings with malicious JavaScript. By leveraging this issue, an attacker may be able to cause arbitrary HTML to be executed in a user's browser within the security context of the affected site. The remote web server may be vulnerable to IFRAME injections or cross-site scripting attacks :
- IFRAME injections allow 'virtual defacement' that might scare or anger gullible users. Such injections are sometimes implemented for 'phishing' attacks.
- XSS are extensively tested by four other scripts.
- Some applications (e.g. web forums) authorize a subset of HTML without any ill effect. In this case, ignore this warning.
2. Nuked-Klan index.php Multiple Module Vulnerabilities
Test ID: 11447
Severity: 2 / Medium
Description:
Nuked-klan 1.3b fails to sanitize user-supplied input to several parameters before using them in the 'Team', 'News', and 'Liens' modules to display dynamic HTML. An attacker may leverage these issues to launch cross-site scripting attacks against the affected host. In addition to this, another flaw may allow an attacker to obtain the physical path of the directory in which the application is installed.
3. phpCMS parser.php file Parameter XSS
Test ID: 15850
Severity: 2 / Medium
Description:
The remote host runs phpCMS, a content management system written in PHP. This version is vulnerable to cross-site scripting due to a lack of sanitization of user-supplied data in parser.php script. Successful exploitation of this issue may allow an attacker to execute malicious script code on a vulnerable server.
4. Web Server HTTP Header Internal IP Disclosure (is this one to do with DNN? I can look into the IIS or Firewall settings if need be)
Test ID: 10759
Severity: 1 / Low
Description:
This may expose internal IP addresses that are usually hidden or masked behind a Network Address Translation (NAT) Firewall or proxy server. There is a known issue with Microsoft IIS 4.0 doing this in its default configuration. This may also affect other web servers, web applications, web proxies, load balancers and through a variety of misconfigurations related to redirection.
If anyone has any solutions to the 4 numbered problems, then please reply to this thread or PM me directly.
Thanks,
James
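
For finding 4, one way to check a captured set of response headers for internal addresses, so the result can be compared before and after a server or proxy configuration change. This is an added example, not part of the original post; the function names and both sample responses are constructed for illustration.

```python
import ipaddress
import re

# Ranges that should never appear in responses served to the internet.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # RFC 1918
    "127.0.0.0/8", "169.254.0.0/16",                   # loopback, link-local
)]
IPV4_RE = re.compile(r"(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3})(?![\d.])")


def internal_ips(text):
    """Return internal IPv4 literals found in text, in order, de-duplicated."""
    found = []
    for candidate in IPV4_RE.findall(text):
        try:
            addr = ipaddress.ip_address(candidate)
        except ValueError:  # not a valid address, e.g. 999.1.1.1
            continue
        if candidate not in found and any(addr in n for n in INTERNAL_NETS):
            found.append(candidate)
    return found


def find_header_leaks(raw_response):
    """Scan the header block of a raw HTTP response; return (header, ip) pairs."""
    head = raw_response.replace("\r\n", "\n").split("\n\n", 1)[0]
    leaks = []
    for line in head.split("\n")[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            leaks.extend((name.strip(), ip) for ip in internal_ips(value))
    return leaks


# Constructed sample: a redirect whose Location carries a private address.
SAMPLE_LEAKY = (
    "HTTP/1.1 302 Found\r\n"
    "Location: https://10.20.30.40/Default.aspx\r\n"
    "Server: Microsoft-IIS/8.5\r\n"
    "Content-Length: 0\r\n\r\n"
)
# Constructed sample: the same redirect using a public host name.
SAMPLE_CLEAN = SAMPLE_LEAKY.replace("10.20.30.40", "www.example.com")

if __name__ == "__main__":
    print(find_header_leaks(SAMPLE_LEAKY))
    print(find_header_leaks(SAMPLE_CLEAN))
```

Only the header block is scanned; an address that appears in the response body is outside what this check covers.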