Solved

CGI Generic SQL Injection (blind, time based) - Exchange vulnerability

Posted on 2016-09-06
Medium Priority
379 Views
Last Modified: 2016-09-11
We have used Nessus to scan for vulnerabilities on our externally facing Exchange 2013 server and it has reported the following:

CGI Generic SQL Injection (blind, time based)
Test Id: 43160
Severity:3 / High
Description: By sending specially crafted parameters to one or more CGI scripts hosted on the remote web server, Nessus was able to get a slower response, which suggests that it may have been able to modify the behavior of the application and directly access the underlying database. An attacker may be able to exploit this issue to bypass authentication, read confidential data, modify the remote database, or even take control of the remote operating system. Note that this script is experimental and may be prone to false positives.

I can't see any further information or find any fix. Does anyone know specifically what this is referring to and, if so, what we can do to resolve it (closing ports 80 + 443 isn't an option)?

Exchange V15.0 Build - 1130.7

Thanks
0
Question by:Hallidays
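The plugin text quoted in the question says the check fires when a crafted request comes back slower than normal and admits the method is prone to false positives. The following simulation is an added example, not part of this thread and not Nessus or Tenable code: it models that heuristic on a constructed latency distribution (a busy front end with occasional multi-second stalls) and contrasts a one-sample rule with a repeated-trial rule that compares medians with a margin. The delay value, sample count and server timing model are assumptions; nothing is sent over the network.

```python
"""Added example (not from the thread, not the scanner's own logic): why a
single slow response is weak evidence on a noisy web front end, and how a
repeated-trial comparison avoids most false positives while still catching
a genuine fixed delay. All timings come from a constructed model."""
import random
import statistics

DELAY_MS = 5000.0   # assumed delay a time-based probe would try to add
SAMPLES = 5         # requests per side in the repeated-trial rule


def jittery_server(rng, extra_ms=0.0):
    """Constructed response-time model of a healthy front end (OWA, ECP):
    200 ms base, exponential jitter with a 300 ms mean, and a 2% chance of
    a 6 s stall (app pool recycle, throttling, backend hiccup). A genuinely
    delayed response is modelled by passing the delay as extra_ms."""
    t = 200.0 + rng.expovariate(1.0 / 300.0)
    if rng.random() < 0.02:
        t += 6000.0
    return t + extra_ms


def single_sample_verdict(baseline_ms, probe_ms, delay_ms=DELAY_MS):
    """Naive rule: one baseline, one probe, flag if the probe is at least
    the full delay slower. A hypothetical simplification for illustration."""
    return probe_ms - baseline_ms >= delay_ms


def repeated_trials_verdict(baseline, probes, delay_ms=DELAY_MS):
    """Stronger rule: the median probe must exceed the median baseline by at
    least 80% of the delay, and every probe must be slower than the baseline
    median plus half the delay, so one stalled request cannot flip it."""
    base_med = statistics.median(baseline)
    probe_med = statistics.median(probes)
    shift_ok = probe_med - base_med >= 0.8 * delay_ms
    consistent = all(p > base_med + 0.5 * delay_ms for p in probes)
    return shift_ok and consistent


def flag_rate(rule, trials, seed, vulnerable=False):
    """Fraction of simulated scans that flag the endpoint. With
    vulnerable=False this is the false-positive rate on a healthy server;
    with vulnerable=True the probe really adds DELAY_MS, so it is the
    detection rate. Seeded so the numbers are reproducible."""
    rng = random.Random(seed)
    extra = DELAY_MS if vulnerable else 0.0
    flagged = 0
    for _ in range(trials):
        if rule == "single":
            base = jittery_server(rng)
            probe = jittery_server(rng, extra)
            flagged += single_sample_verdict(base, probe)
        elif rule == "repeated":
            base = [jittery_server(rng) for _ in range(SAMPLES)]
            probes = [jittery_server(rng, extra) for _ in range(SAMPLES)]
            flagged += repeated_trials_verdict(base, probes)
        else:
            raise ValueError("rule must be 'single' or 'repeated'")
    return flagged / trials


if __name__ == "__main__":
    for rule in ("single", "repeated"):
        print(f"{rule:9s} false positives: {flag_rate(rule, 2000, 1):.4f}  "
              f"detections: {flag_rate(rule, 500, 2, vulnerable=True):.4f}")
```

With this model the one-sample rule flags a healthy server in roughly 2% of scans (every stall that lands on the probe request looks like an injected delay) and still misses about half of the genuinely delayed cases, whereas the repeated-trial rule almost never fires on the healthy server and detects nearly every real delay. That is the behaviour behind the "experimental, prone to false positives" wording, and it is why a timing-based finding on a shared front end should be re-measured several times before anyone opens an incident.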
6 Comments
 
LVL 51

Expert Comment

by:Vitor Montalvão
ID: 41785833
Looks like your application allows user input that is used as parameters to query a database. The vulnerability is that someone could input SQL code to perform unwanted actions in your database.
Here's an article that can help you understand better the impact of SQL injection.
0
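An added example of the pattern Vitor describes, not part of the thread and not Exchange code: a lookup that pastes user input into the SQL text, beside the parameterised version that closes the hole. The SQLite table, its rows and the lookup functions are constructed for illustration.

```python
"""Added example (not from the thread): user input concatenated into SQL
text versus bound as a parameter. Uses an in-memory SQLite table with
constructed rows; nothing here is the application the question is about."""
import sqlite3


def make_db():
    """Constructed sample table standing in for the application's database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "admin"), ("bob", "user")])
    return conn


def lookup_unsafe(conn, name):
    """Vulnerable form: the input becomes part of the statement, so a quote
    inside it terminates the string literal and the remainder is parsed as
    SQL. This is the defect the scanner plugin is looking for."""
    sql = ("SELECT name, role FROM users WHERE name = '" + name + "' "
           "ORDER BY name")
    return conn.execute(sql).fetchall()


def lookup_safe(conn, name):
    """Hardened form: the input is bound as a parameter, so the database
    only ever compares it as a value and never parses it as SQL."""
    sql = "SELECT name, role FROM users WHERE name = ? ORDER BY name"
    return conn.execute(sql, (name,)).fetchall()


def compare(name):
    """Return (rows from the unsafe lookup, rows from the safe lookup)
    for one input, so the two behaviours can be seen side by side."""
    conn = make_db()
    try:
        return lookup_unsafe(conn, name), lookup_safe(conn, name)
    finally:
        conn.close()


if __name__ == "__main__":
    print(compare("alice"))               # both return alice's row only
    print(compare("nobody' OR '1'='1"))   # unsafe returns every row, safe returns []
```

The fix is the same regardless of database or language: never build the statement from the input; pass the input through the driver's parameter binding (or an ORM that does so) and treat any string-built query in a code review as a defect to remove, whether or not a scanner happens to flag it.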
 
LVL 1

Author Comment

by:Hallidays
ID: 41785836
Hi Vitor,

I have done some research and can see how this could affect us but I cannot see any resolution to fix the issue. The external facing sites are OWA, ECP, Autodiscover etc from Exchange 2013, do you have any idea what in Exchange is allowing this and how we can stop it?

Thanks
0
 
LVL 51

Expert Comment

by:Vitor Montalvão
ID: 41785845
The external facing sites are OWA, ECP, Autodiscover etc from Exchange 2013, do you have any idea what in Exchange is allowing this and how we can stop it?
Unfortunately not. Exchange is not my area of expertise.
0

 
LVL 1

Accepted Solution

by: Hallidays (earned 0 total points)
ID: 41785977
Hi all,

This has been confirmed as a false positive result so panic over. Thanks anyway
0
 
LVL 51

Expert Comment

by:Vitor Montalvão
ID: 41786012
Good to know :)
Cheers
0
 
LVL 1

Author Closing Comment

by:Hallidays
ID: 41793235
The result was a false positive and doesn't actually exist.
0
