Phoenix - Your AI AssistantResolve 2 issues for PCI Compliance failure
- Posted:
- Proposals: 6
- Remote
- #2169315
- Awarded
Redhill 
Description
Experience Level: Entry
Need to resolve 2 issues that resulted in a PCI compliance failure. Issues are below. My website is running on Ubuntu, Apache2, PHP, Magento
Title
CGI Generic Command Execution (time-based)
Synopsis
It may be possible to run arbitrary code on the remote web server.
Impact
The remote web server hosts CGI scripts that fail to adequately sanitize request strings. By leveraging this issue, an attacker may be able to execute arbitrary commands on the remote host. See also : https://en.wikipedia.org/wiki/Code_injection http://projects.webappsec.org/OS-Commanding
Resolution
Restrict access to the vulnerable application. Contact the vendor for a patch or upgrade.
Data Received
Using the GET HTTP method, SecurityMetrics found that : + The following resources may be vulnerable to arbitrary command execution (time based) : + The 'p' parameter of the /tag/product/list/tagId/116/ CGI : /tag/product/list/tagId/116/?order=name&dir=desc&infParam=1&limit=12&mod e=list&p=2%7C%7C%20sleep%203%20%26 -------- output -------- ------------------------
Title
Weak DH Key Exchange Supported (PCI DSS)
Synopsis
A service on the remote host supports a weak key exchange mechanism
Impact
At least one of the services on the remote host supports a Diffie-Hellman key exchange using a public modulus smaller than 2048 bits. Diffie-Hellman key exchanges with keys smaller than 2048 bits do not meet the PCI definition of strong cryptography as specified by NIST Special Publication 800-57 Part 1. Diffie-Hellman moduli of up to 1024 bits are considered practically breakable by an attacker with very significant resources. See also : https://weakdh.org/
Resolution
Consult the software's manual and reconfigure the service to use at least 2048-bit DH parameters. Alternatively, disable DH and use only Elliptic-curve Diffie-Hellman (ECDH) instead.
Data Received
The SSH service on port 22 supports a weak DH modulus : - The very common 1024-bit Oakley Group 2 DH modulus - DH group exchange is enabled and 1024-bit parameters are allowed
CVEs
CVE
Score
Vector
CVE-2015-4000
4.3
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Title
CGI Generic Command Execution (time-based)
Synopsis
It may be possible to run arbitrary code on the remote web server.
Impact
The remote web server hosts CGI scripts that fail to adequately sanitize request strings. By leveraging this issue, an attacker may be able to execute arbitrary commands on the remote host. See also : https://en.wikipedia.org/wiki/Code_injection http://projects.webappsec.org/OS-Commanding
Resolution
Restrict access to the vulnerable application. Contact the vendor for a patch or upgrade.
Data Received
Using the GET HTTP method, SecurityMetrics found that : + The following resources may be vulnerable to arbitrary command execution (time based) : + The 'p' parameter of the /tag/product/list/tagId/116/ CGI : /tag/product/list/tagId/116/?order=name&dir=desc&infParam=1&limit=12&mod e=list&p=2%7C%7C%20sleep%203%20%26 -------- output -------- ------------------------
Title
Weak DH Key Exchange Supported (PCI DSS)
Synopsis
A service on the remote host supports a weak key exchange mechanism
Impact
At least one of the services on the remote host supports a Diffie-Hellman key exchange using a public modulus smaller than 2048 bits. Diffie-Hellman key exchanges with keys smaller than 2048 bits do not meet the PCI definition of strong cryptography as specified by NIST Special Publication 800-57 Part 1. Diffie-Hellman moduli of up to 1024 bits are considered practically breakable by an attacker with very significant resources. See also : https://weakdh.org/
Resolution
Consult the software's manual and reconfigure the service to use at least 2048-bit DH parameters. Alternatively, disable DH and use only Elliptic-curve Diffie-Hellman (ECDH) instead.
Data Received
The SSH service on port 22 supports a weak DH modulus : - The very common 1024-bit Oakley Group 2 DH modulus - DH group exchange is enabled and 1024-bit parameters are allowed
CVEs
CVE
Score
Vector
CVE-2015-4000
4.3
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
New Proposal
Login to your account and send a proposal now to get this project.
Log inClarification Board Ask a Question
-
Judy , please share your website link.