Printable View
if you go to www.fox23news.com and use there search ability on theyir website... it opens a interesting server error.... can anyone explain the security implications of this particulars mistake?
so upon closer inspection i guess its just a mistake in a asp codeing... since the varibles ar enever shown (i didnt notice anyway, i dont programme asp) there is very little that an intruder could do right?
Yakes!
Having your code displayed is not something you would usually want...
In this case, at minimum, it does show some of the database tables' structure which could potentially be usefull for a would be intruder...
Also, (although I looked really quickly) I don't think I've seen the input being escaped... Potential sql injection problem...
Ammo
Let's also discuss the possibility of compromise via the D: drive if permissions are not properly set..... Let's also think about the fact that the data sources are enumerated so access could be gained to all the data, and who knows what else is held in that database..... some nice juicy passwords for example......
This code should probably have been tested in production.....<S>
It's written in ASP.NET. If you click on the second link on the page, the 'Show complete source listing....' (or something like that), you get an autogenerated code listing of around 1600 lines! I would have attached it as a text file, but for some reason the AO graphics don't seem to be loading and I can't post a proper reply!
Hum, yeah, well, we had noticed... that's what we've based our comments on...Quote:
Originally posted here by Nizead
It's written in ASP.NET. If you click on the second link on the page, the 'Show complete source listing....' (or something like that), you get an autogenerated code listing of around 1600 lines! I would have attached it as a text file, but for some reason the AO graphics don't seem to be loading and I can't post a proper reply!
Ammo
hEY IT'S A DAY LATER AND IT IS STILL MESSED UP!! i WOND(shoot, caps!) I wonder if that means there will be a job openeing soon if it leads to something not in their best interest. Now not working in the field my immediate assumption is that stuff happens but it's going on 24 hours-Isn't this a bit long??? :o
Just posting the output so people know what the hell this thread is about after they fix it.
Has anyone emaild them about the problem, possible fixes, and WHY they would want to fix it?
I wanted to e-mail em, but I just couldn't find an e-mail addy!
Ammo
I just e-mailed clear channel (the company who owns the website) this is what I wrote. Nothing fancy, but something that hopefully will get their guru's working on it! Here's what I wrote!
To whom it may concern, as a security advocate, I feel that it is my duty to inform you that one of the websites on the clear channel network is a huge security vulnerability right now. http://www.fox23news.com/ when you use the search function, it gives you an error which displays very sensitive information about your network structure. Please forward this e-mail to your IT department!
Also note, I am including the information available by the webpage, and have pasted it in the message for your review.
. . . hopefully, they'll fix it!
"Also, (although I looked really quickly) I don't think I've seen the input being escaped... Potential sql injection problem... "
im fairly new to this whole security thing so what does SQL injection problem mean? isn't SQL just a code? or am i wrong? also what did "input being escaped" mean? sorry im a real newbie to this world :P
mishka
http://www.securiteam.com/securityre...DP0N1P76E.html
Here's a site that explains alot about common SQL injection. Hope you don't get a 404 while opening the URL.