Solved

McAfee Vulnerability Scanner

Posted on 2009-05-05
5
2,036 Views
Last Modified: 2012-05-06
Hello,

Im running McAfee Vulnerability Scanner on my sites.

its giving me following Vulnerability in my some sites.

1.Vulnerability         Missing Secure Attribute in an Encrypted Session (SSL) Cookie
    Port                 443/tcp

2. Vulnerability       Potentially Sensitive Information Missing Secure Attribute in an Encrypted Session (SSL) Cookie
Port                             443/tcp

Im having sites build using PHP-MYSQL-APACHE.

Can any one help me out with how to fix this Vulnerability with PHP code.

Many Thanks in Advance !!!
0
Comment
Question by:121doc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 12

Expert Comment

by:jahboite
ID: 24303439
This pair of vulnerabilities is due to the fact that a visitor browsing to your https site can be forced to send their cookie over the unencrypted http channel because the cookie doesn't have the secure flag set.  If the visitors browser is made to send an http request for the same domain using the plain http protocol then the cookie is sent over an unencrypted link and thus there is the possibility of revealing sensitive information stored in the cookie - (not that sensitive information should be stored in a cookie, but session IDs are an example).
This might happen if a page at your https site contains any resource which should be loaded from the http site.
There are also several methods that an attacker might use, such as various kinds of inection, to force a visitors browser to make such a request.

In PHP, the sixth paramater to setcookie() should be set to true (or numeric 1) in order to set a cookie which the browser will NOT send over an unencrypted channel:

setcookie( 'my_cookie_name', 'my_cookie_value', time()+3600, '/', '.mywholedomain.com', TRUE);

similarly, if the cookie in question is a session cookie then using session_set_cookie_params() to enforce the secure flag is the way forward.

More about these functions at php.net: http://php.net/manual-lookup.php?pattern=cookie&lang=en


0
 

Author Comment

by:121doc
ID: 24440409
Hi i have tried this but still its not working.

Let me give you exact message.

Path: /login.php --> No "Secure" Attribute on Secure Channel (https) : PHPSESSID=6752becc7c2bb56a059a66c178b0a607; path=/

I have used session_set_cookie_params()  this function as well.

Thanks !!!
0
 
LVL 12

Accepted Solution

by:
jahboite earned 500 total points
ID: 24440664
Would you mind posting the snippet of code that handles the session cookie paramaters so that we can get a better idea of why it might not be working.

From the php manual, it says about the session_set_cookie_params() function:
"The effect of this function only lasts for the duration of the script. Thus, you need to call session_set_cookie_params() for every request and before session_start() is called."

You could also try:

ini_set('cookie.secure', 1)

in each script called.

You could also try adding a php_value directive in an .htaccess file:

php_value  cookie.secure  1
0
 

Author Comment

by:121doc
ID: 24440764
Oops...

I have put this after session_start().

i have put before session_start()  now and checking ..

Let see if its works now or not?

Thanks !!!
0
 

Author Closing Comment

by:121doc
ID: 31577925
Its Works !!! Nice one !!!
0

Featured Post

Is Your DevOps Pipeline Leaking?

Is your CI/CD pipeline a hodge-podge of randomly connected tools? You’ve likely got a tool to fix one problem & then a different tool to fix another, resulting in a cluster of tools with overlapping functionality. Learn how to optimize your pipeline with Gartner's recommendations

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question