Solved

Problems with page

Posted on 2014-02-19
1
407 Views
Last Modified: 2014-02-19
I have a page that filters a recordset, creates a session variable then redirects.

I ran a scan and found the following vulnerabilities:

---

Server responded 200 to unnecessarily large random request body(over 64 KB) for URL https://www.domain... etc ... , significantly increasing attacker's chances to prolong slow HTTP POST attack.

It has been detected by exploiting the parameter ASPSESSIONIDSUTBABRD
The payloads section will display a list of tests that show how the param could have been exploited to collect the information
Authentication:
In order to detect this content, no authentication has been required.
Access Path:
Here is the path followed by the scanner to reach the exploitable URL:

How can I secure this page to prevent this errors from happening ?
code.txt
0
Comment
Question by:amucinobluedot
1 Comment
 
LVL 52

Accepted Solution

by:
Scott Fell,  EE MVE earned 500 total points
ID: 39870962
For sure you need to turn off parent paths.  It was common prior to iis7 to have them on. Then iis7 turned this off by default and many asp dev's turned it on so their scripts would not break.   The parent path thing can allow people to get outside of your web root.

http://www.iis.net/learn/application-frameworks/running-classic-asp-applications-on-iis-7-and-iis-8/classic-asp-parent-paths-are-disabled-by-default

The only thing you will need to change in your scripts for the most part are your include files.

This
<!--#include file="Connections.asp" -->
Would convert to
<!--#include virtual="/Connections.asp" -->
Or if it is in your connections folder
<!--#include virtual="/connections/Connections.asp" -->

Basically, links starting with ../ will need to be converted.


Why are you using client side to go to the next page?
<script language="javascript">
window.location.href="forgotpasswordsent.asp";
</script>

Open in new window

response.redirect will do it on the server before the page renders.
<%
response.redirect("forgotpasswordsent.asp")
%>

Open in new window

0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Where can I find... 1 30
ASP.NET MVC 2 31
Responsive Design or Mobile Sites? 4 31
PHP Form Calculate Total Price 10 41
"In order to have an organized way for empathy mapping, we rely on a psychological model and trying to model it in a simple way, so we will split the board to three section for each persona and a scenario and try to see what those personas would Do,…
One of the biggest threats facing all high-value targets are APT's.  These threats include sophisticated tactics that "often starts with mapping human organization and collecting intelligence on employees, who are nowadays a weaker link than network…
The viewer will get a basic understanding of what section 508 compliance can entail, learn about skip navigation links, alt text, transcripts, and font size controls.
The is a quite short video tutorial. In this video, I'm going to show you how to create self-host WordPress blog with free hosting service.

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question