
Security vulnerabilities: 1) Trace and Track  2) weak SSL ciphers

Last Modified: 2013-11-16
I have the following 2 Nessus scan results which have been bugging us for a while,
because when my colleague tried to fix them, it affected the web service.

Does anyone have any idea how to address them without affecting the service?

======================================

interwise (7778/tcp)

Synopsis :

Debugging functions are enabled on the remote web server.


Description :

The remote webserver supports the TRACE and/or TRACK methods. TRACE
and TRACK are HTTP methods which are used to debug web server
connections.

In addition, it has been shown that servers supporting the TRACE
method are subject to cross-site scripting attacks, dubbed XST for
"Cross-Site Tracing", when used in conjunction with various weaknesses
in browsers. An attacker may use this flaw to trick your legitimate
web users to give him their credentials.


See Also :

http://www.cgisecurity.com/whitehat-mirror/WH-WhitePaper_XST_ebook.pdf
http://www.apacheweek.com/issues/03-01-24
http://www.kb.cert.org/vuls/id/867593


Solution:

Disable these methods.


Risk Factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)

====================================================================

csd-mgmt-port (3071/tcp)

Synopsis :

The remote service supports the use of weak SSL ciphers.


Description :

The remote host supports the use of SSL ciphers that offer either weak
encryption or no encryption at all.


See Also :

http://www.openssl.org/docs/apps/ciphers.html


Solution:

Reconfigure the affected application if possible to avoid use of weak
ciphers.


Risk Factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)


Plugin output :

Here is the list of weak SSL ciphers supported by the remote server :

Low Strength Ciphers (< 56-bit key)
SSLv3
EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
TLSv1
EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export

The fields above are :

{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
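The XST mechanism in the TRACE finding above comes down to one thing: the server echoes the whole request, headers included, back to the client. The script below is an added example (not from this thread and not Nessus code) that sends a TRACE and a TRACK request with a canary header and reports whether the server echoed it, so you can confirm the methods are really gone after remediation. The host name webserver.example.com, the canary header name and the function name are assumptions; the port 7778 is the one Nessus flagged.

```powershell
# Added example: verify whether an HTTP service still honours TRACE/TRACK.
# Requires PowerShell 2.0 (for -split). Host/port/canary are assumptions.

function Test-HttpTrace {
    param(
        [string]$TargetHost,
        [int]$Port = 80,
        [string]$Method = 'TRACE'     # or 'TRACK' (IIS-specific alias)
    )
    $client = New-Object System.Net.Sockets.TcpClient($TargetHost, $Port)
    $client.ReceiveTimeout = 5000          # do not hang on a silent service
    $stream = $client.GetStream()

    $writer = New-Object System.IO.StreamWriter($stream)
    $writer.NewLine = "`r`n"
    # A vulnerable server reflects the entire request. In a real XST attack
    # the interesting reflected headers are Cookie and Authorization; here a
    # harmless canary header stands in for them.
    $writer.WriteLine("$Method / HTTP/1.0")
    $writer.WriteLine("Host: $TargetHost")
    $writer.WriteLine("X-Xst-Canary: canary-1234")
    $writer.WriteLine("")
    $writer.Flush()

    # HTTP/1.0 with no keep-alive: the server closes after one response.
    $reader = New-Object System.IO.StreamReader($stream)
    $response = $reader.ReadToEnd()
    $client.Close()

    $statusLine = ($response -split "`r?`n")[0]
    $echoed = $response -match 'X-Xst-Canary: canary-1234'

    New-Object PSObject -Property @{
        Method  = $Method
        Status  = $statusLine
        Echoed  = $echoed
        # Enabled only when the server accepted the verb AND reflected us;
        # a 405/501 or a non-reflecting 200 means the method is disabled.
        Enabled = ($statusLine -match ' 200 ') -and $echoed
    }
}

# Run against the host/port from the Nessus finding (assumed host name).
foreach ($m in 'TRACE', 'TRACK') {
    Test-HttpTrace -TargetHost 'webserver.example.com' -Port 7778 -Method $m
}
```

Run it once before and once after the change: the expected "fixed" result is a 405 or 501 status line with Echoed = False for both verbs. Checking TRACK separately matters because it is an IIS alias that a TRACE-only filter can miss.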

Commented:
They're both going to affect the web service by nature of the issue, as they are web service vulnerabilities, so there is no way to remediate without affecting it.

With that said, what OS is it?

In Windows, this is a reg hack to disable the weak ciphers.  This should not have a significant effect on the web service, as you're basically saying, don't negotiate SSL using these certain weak encryption ciphers -- typically, a good idea, right?  You don't want that SSL negotiation to be hacked/decrypted by the bad guys.

Check out: http://www.curtis-lamasters.com/2008/06/21/windows-iis-ssl-restrict-weak-ciphers/

Trace and Track are usually only needed for debugging and don't affect the end user experience.  I would suggest disabling these, and enabling them only when troubleshooting.


Author

Commented:

It's Windows 2003 Enterprise servers as well as Win 2003 Std Edition OS.

So are both the Trace and Track finding and the "weak ciphers" finding which I indicated above
the same issue?

Is the solution for both indicated in the link below?
http://www.curtis-lamasters.com/2008/06/21/windows-iis-ssl-restrict-weak-ciphers/ 
Commented:
No, trace/track are slightly different.  I've done a lot of nessus scanning, these are common issues.

Check:
http://technet.microsoft.com/en-us/library/cc730944.aspx

urlscan can be used for track:
http://technet.microsoft.com/en-us/security/cc242650.aspx
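The "reg hack" the answers refer to is the Schannel cipher and protocol configuration documented in Microsoft KB245030. The script below is an added example (not from this thread or from the linked articles) that disables the export, 40/56-bit and NULL cipher keys plus PCT 1.0 and SSL 2.0 on Windows Server 2003. The cipher subkey names are assumed to match KB245030; the function name is my own. One caveat the thread does not spell out: this only changes services that use Schannel (IIS, RDP, and so on). The services on 7778 and 3071 are not necessarily IIS, and a product that ships its own SSL stack (OpenSSL, Java) has to be reconfigured in its own settings instead.

```powershell
# Added example: disable weak Schannel ciphers/protocols on Windows Server 2003.
# Run as Administrator; Schannel reads these keys at boot, so reboot afterwards.
# Key names below are assumed to match KB245030.

$schannel = 'SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL'

# Cipher subkeys to disable: NULL, the 40-bit export ciphers, and < 128-bit.
# Leave 'RC4 128/128' and 'Triple DES 168/168' enabled on Windows 2003, which
# has no AES suites without a hotfix; disabling those would break SSL outright.
$weakCiphers = @(
    'NULL',
    'DES 56/56',
    'RC2 40/128', 'RC2 56/128',
    'RC4 40/128', 'RC4 56/128', 'RC4 64/128'
)

# Legacy protocols to disable on the server side.
$weakProtocols = @('PCT 1.0', 'SSL 2.0')

# The key names contain "/", which the HKLM: provider treats as a path
# separator (New-Item would create "RC4 40" with a child "128"). Use the
# .NET registry API directly, which only recognises "\" as a separator.
$hklm = [Microsoft.Win32.Registry]::LocalMachine

function Disable-SchannelKey {
    param([string]$SubPath)   # e.g. 'Ciphers\RC4 40/128' or 'Protocols\SSL 2.0\Server'
    # CreateSubKey opens the key if it exists and creates the path if not.
    $key = $hklm.CreateSubKey("$schannel\$SubPath")
    $key.SetValue('Enabled', 0, [Microsoft.Win32.RegistryValueKind]::DWord)
    $key.Close()
    Write-Host "Disabled HKLM\$schannel\$SubPath"
}

foreach ($c in $weakCiphers)   { Disable-SchannelKey "Ciphers\$c" }
foreach ($p in $weakProtocols) { Disable-SchannelKey "Protocols\$p\Server" }

# Read back what is configured before rebooting.
foreach ($c in $weakCiphers) {
    $k = $hklm.OpenSubKey("$schannel\Ciphers\$c")
    "{0,-20} Enabled={1}" -f $c, $k.GetValue('Enabled')
    $k.Close()
}
```

After the reboot, rerun the Nessus plugin against port 3071: if the export suites are still listed, the service on that port is not using Schannel and the fix has to be made in that application's own SSL settings. The TRACE/TRACK finding is separate, as the comment above says; on IIS the URLScan route is to list TRACE and TRACK under [DenyVerbs] in urlscan.ini.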
