Author Topic: Security Metrics PCI Scan - Last Step!  (Read 1936 times)

beachy

  • Jr. Member
  • Posts: 277
  • VirtueMart Version: 2.0.22
Security Metrics PCI Scan - Last Step!
« on: August 10, 2011, 17:52:26 pm »
Hi,

I have posted on here before regarding PCI compliance and I have almost got our site certified by Security Metrics (HSBC insist we use them).

When they run their PCI scan on our site they are coming up with the following problem:

Description: Mambo allows SQL injection in username parameter
Host: 212.113.150.91
OS: Linux 2.6.8
Date: Jun 08 13:19:48 2011
Severity: Critical Problem
CVE: CVE-2006-0871
Impact: A remote attacker could gain administrative access to Mambo Site Server and MySQL databases, or execute arbitrary PHP code.
Background: Mambo Open Source (formerly Mambo Site Server) is a web content management system.
Resolution: [http://mambo-code.org/gf/project/mambo/frs/] Upgrade to Mambo 4.6.2 or higher.
Vulnerability Details:
Service: http
Sent:
POST /cgi-bin/index.php HTTP/1.0
Host: 212.113.150.91
Content-type: application/x-www-form-urlencoded
Content-length: 39

username=admin'/*&passwd=a&option=login
Received: HTTP/1.1 302 Moved Temporarily
And: Location: index.php?option=com_content&view=article&id=74

After emailing them they provided the following additional information:

~$ telnet 212.113.150.91 80
Trying 212.113.150.91...
Connected to 212.113.150.91.
Escape character is '^]'.
POST /cgi-bin/index.php HTTP/1.0
Host: 212.113.150.91
Content-type: application/x-www-form-urlencoded
Content-length: 39

Security Metrics originally believed that it was because we were running Mambo on the server, which we are not. If someone could please explain what this result is and why they would receive it, it would be a great help.

Let me know if you need any further information

Thanks

_______
Joomla 2.5.11 Virtuemart 2.0.22
Apache 2.2.24 PHP 5.4.13
Hosted By RochenHost.com - MVS

PRO

  • Global Moderator
  • Super Hero
  • Posts: 10404
  • VirtueMart Version: 3+
Re: Security Metrics PCI Scan - Last Step!
« Reply #1 on: August 10, 2011, 21:43:55 pm »
Tell them it's a false positive.

I use security metrics, and usually call my host first with their errors.

THEN, call Security Metrics and tell them it's a false positive.

Usually the host wants you to download the PDF to send them.

J3.9+ VM 3.4.2
Slowest Page Speed Score (88) (Category)
Fastest Page Speed Score (94-96) (productdetails)

beachy

  • Jr. Member
  • **
  • Posts: 277
  • VirtueMart Version: 2.0.22
Re: Security Metrics PCI Scan - Last Step!
« Reply #2 on: August 10, 2011, 22:42:05 pm »
Just managed to solve the problem. Unfortunately, Security Metrics wanted evidence of what was causing the problem, so I have been digging through my site for the last couple of hours.

In the end the problem was caused by my error.php (located at YOUR_SITE/templates/TEMPLATE_NAME/error.php), which I had edited to redirect any 404 errors on my website to a Joomla article.

As soon as I removed this and restored the file back the Security Metrics PCI Scan confirmed the site was PCI compliant!
_______
Joomla 2.5.11 Virtuemart 2.0.22
Apache 2.2.24 PHP 5.4.13
Hosted By RochenHost.com - MVS
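The scan result quoted in the first post and the cause found in Reply #2, reproduced as an added example. This is not code from the thread, from Security Metrics or from Joomla. The scanner's heuristic (POST the quoted username to index.php and read a 302 redirect as a bypassed login, i.e. the Mambo CVE-2006-0871 signature) is inferred from the request and response shown in the report; the two toy HTTP servers, the loopback port and the article id are constructed for the demonstration. One server answers every unknown POST with a 302 to an article, as the edited error.php did; the other answers with a plain 404, as the restored file does.

```python
"""Reproduce the PCI scanner's CVE-2006-0871 probe against two toy servers
to show why a catch-all 404-to-article redirect trips it.

Added example, not code from the forum thread, Security Metrics or Joomla.
The heuristic below is inferred from the quoted report; servers, port and
article id are constructed for the demo.
"""
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

# Exactly the 39-byte body the scanner sent, per the quoted report.
PROBE_BODY = "username=admin'/*&passwd=a&option=login"
# Not a real path on the shop, so the correct answer is a 404.
PROBE_PATH = "/cgi-bin/index.php"


class RedirectingHandler(BaseHTTPRequestHandler):
    """Mimics the edited templates/<TEMPLATE>/error.php: every miss becomes
    a 302 to a Joomla article (article id 74 taken from the report)."""

    def do_POST(self):
        self.rfile.read(int(self.headers.get("Content-Length", 0)))
        self.send_response(302)
        self.send_header("Location",
                         "index.php?option=com_content&view=article&id=74")
        self.end_headers()

    def log_message(self, *args):  # keep the demo output quiet
        pass


class PlainHandler(RedirectingHandler):
    """The restored error.php: an unknown path answers 404, no redirect."""

    def do_POST(self):
        self.rfile.read(int(self.headers.get("Content-Length", 0)))
        self.send_response(404)
        self.end_headers()


def probe(host, port):
    """Send the scanner's request and return (status, Location header)."""
    conn = http.client.HTTPConnection(host, port, timeout=5)
    conn.request("POST", PROBE_PATH, body=PROBE_BODY,
                 headers={"Content-Type": "application/x-www-form-urlencoded"})
    resp = conn.getresponse()
    location = resp.getheader("Location")
    conn.close()
    return resp.status, location


def scanner_flags_sqli(status, location):
    """Inferred scanner heuristic: a 302 after the quoted login attempt is
    read as 'login bypassed', hence 'Mambo SQL injection'."""
    return status == 302 and location is not None


def run_server(handler):
    """Start `handler` on an ephemeral loopback port in a daemon thread."""
    srv = HTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv


def check(handler):
    """Serve with `handler`, run the probe once, return the scanner verdict."""
    srv = run_server(handler)
    try:
        status, location = probe(*srv.server_address)
        return scanner_flags_sqli(status, location)
    finally:
        srv.shutdown()
        srv.server_close()


if __name__ == "__main__":
    print("custom error.php (404 -> 302 to article):", check(RedirectingHandler))
    print("restored error.php (plain 404):          ", check(PlainHandler))
```

The point to take from this is that the scanner never tested for SQL injection; it only pattern-matched on the redirect, so any site that answers missing pages with a 302 will produce the same "Critical" finding. Returning a real 404 (the page can still be a friendly, themed error page) keeps the scanner quiet without hiding anything from users.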