vulnerability exploitation basics
Posted on 2012-03-12
Can anyone give me a management-style breakdown of how a missing patch on a web server could lead to compromise of restricted data in a private LAN? And some realistic opinion on whether it would.
Say for example you find Apache Tomcat is out of date on a public-facing web server. Who would compromise that, and how? And by exploiting that on just that web server, so what? What access does this give them and to what, typically?
A manager will say “… well there’s no sensitive data housed on this web server – so who cares about this finding”. So… if they exploit that missing patch on the web server, what is the typical flow of attack for them to then gain access to the private network? Or is it basically impossible to leverage this new level of access to the internal network?
And realistically how will an out-of-date Apache Tomcat version put your internal private network and data at risk? Is this theoretical, or a high possibility? You don’t have to go into how-to-hack detail, just put it in some form of clearer picture: if someone (if possible) exploited an out-of-date Apache, could that in turn lead to access to sensitive data housed in the internal LAN?
I’d be very interested to see perhaps the 1-10 steps required to go from “anonymous internet user finds out-of-date software on web server” to “user gets access to payroll records in internal private network”. It sounds on the outside so far-fetched it’s untrue, but perhaps you can explain it to me in layman’s terms as a bit of an eye-opener.