Asked by leehanken
Why is a PCI Compliance Scan detecting phantom shopadmin.asp and DCShop CGI on Plesk Panel's port?

We are using Security Metrics scan to determine PCI compliance on our website, and it is coming up with the following two results.

TCP      8443      pcsync-https      7       We detected a vulnerable version of the DCShop CGI. This version does not properly protect user and credit card information. It is possible to access files that contain administrative passwords, [More]

TCP      8443      pcsync-https      4       'shopadmin.asp' is installed. Some versions of this script are vulnerable to SQL injection. Solution: Move to a different directory or use a different shopping cart. From VP-ASP 3.0 and higher set the following in shop\$config.asp const xAdminPage=youradminpagename.asp const xShowAdmin=No bugtraq id: 4861 Risk Factor: Medium BID : 4861

The trouble is, the only thing running on port 8443 is Parallels Plesk Panel 10 for Linux; we do not even host either of the mentioned shopping carts. How can the scan be detecting something that is not even there?

ASKER CERTIFIED SOLUTION
Michael Worsham

leehanken (ASKER)

The Scan Technician is referring this to his supervisor in order to see if these test results can be overridden on this occasion.