Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
OpenSSL 'ChangeCipherSpec' MiTM Potential Vulnerability
#11
(01-19-2021, 11:34 AM)Jose Nilton Pace Wrote: Hi, add this:
Quote:!3DES

Thank you!

(01-19-2021, 11:34 AM)Jose Nilton Pace Wrote: Hi, add this:
Quote:!3DES

Thank you very much. Couple more vulnerabilities. Kindly assist.

1. Missing Secure Flag From SSL Cookie - The Secure attribute tells the browser to only send the cookie if the request is being sent over a secure channel such as HTTPS. This will help protect the cookie from being passed over unencrypted requests. If the application can be accessed over both HTTP and HTTPS then there is the potential that the cookie can be sent in clear text.
2. Missing HttpOnly Flag From Cookie - HTTP Only is an additional flag included in a Set-Cookie HTTP response header. If supported by the browser using the HTTP Only flag when generating a cookie helps mitigate the risk of client side script accessing the protected cookie. If a browser that supports HTTP Only detects a cookie containing the HTTP Only flag and client side script code attempts to read the cookie the browser returns an empty string as the result. This causes the attack to fail by preventing the malicious (usually XSS) code from sending the data to an attacker's website.
Reply
#12
Hi, in ServerController->CookieOptions you can set options in cookie. I personally don't use cookies anymore.
Reply
#13
(01-20-2021, 07:44 PM)Jose Nilton Pace Wrote: Hi, in ServerController->CookieOptions you can set options in cookie. I personally don't use cookies anymore.

All the options are ticked here, 
HttpOnly - Ttue
Secure - True
SessionCookies - True
UseCookies - True
Reply
#14
If HttpOnly and Secure are set, both aforementioned vulnerabilities shouldn't exist... Did you change the settings before or after testing it?
Reply
#15
No, both are ticked always. Anything else to check please? I am using the ver 14.2.1
Reply
#16
IW 14.2.1 supports both cookie attributes.

Are you creating your own cookies or only the regular IW session cookie?

If your site/application is publicly available, please send me the link via e-mail and I will inspect the responses.
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)