
I work with development and pre-production IIS servers to publish and test the web applications we develop. An ethical hacking consultant came and warned us about a vulnerability they found in some of our servers:

http://www.ourserver.com/default_logged.aspx?Dir=http://www.anyexternalsite.com

This vulnerability redirects the user from our website to an external website, leaving them exposed to phishing.

I googled this vulnerability (directory or path traversal) and I found this link:

https://www.cvedetails.com/cve/CVE-2014-4078/

I followed their advice to install some updates from this official MS site (for Windows Server 2012 R2):

https://technet.microsoft.com/library/security/ms14-076

But the issue is still there... if anyone knows about it and can tell me how to solve it, I will appreciate it very much.

Thanks in advance.

1 Answer

It is not a path traversal vulnerability; with a path traversal an attacker could see internal files on your server.

It is an open redirect, where your site redirects users to another website.

The solution could be:

  • If you can avoid the redirection, do it.
  • If not, perform a validation in order to check that the redirection is where you want to send the user, e.g. a URL of your own website (or another trusted URL).
sinkmanu
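As an added example (not code from the question or the answer), one way to implement the answer's second bullet for the `Dir` parameter of an ASP.NET page: only a same-site relative path or an absolute URL whose host is on an allow list is used, anything else falls back to a fixed page. The helper name, the allow-listed hosts and the fallback page are assumptions.

```csharp
using System;
using System.Linq;

// Hypothetical helper (constructed example, not the question author's code).
// Usage in the page: Response.Redirect(RedirectValidator.SafeRedirectTarget(Request.QueryString["Dir"]), true);
public static class RedirectValidator
{
    // Hosts this site may send users to (constructed values; adjust to your environment).
    private static readonly string[] AllowedHosts = { "www.ourserver.com", "partner.example" };

    // Where to send the user when the requested target is not acceptable.
    public const string SafeFallback = "/default.aspx";

    public static string SafeRedirectTarget(string dir)
    {
        if (string.IsNullOrWhiteSpace(dir))
            return SafeFallback;

        string candidate = dir.Trim();

        // Same-site relative path: must start with exactly one "/".
        // "//host" and "/\host" are treated by browsers as protocol-relative
        // URLs and would still leave the site, so they are rejected.
        if (candidate.StartsWith("/") && !candidate.StartsWith("//") && !candidate.StartsWith("/\\"))
        {
            Uri relative;
            return Uri.TryCreate(candidate, UriKind.Relative, out relative) ? candidate : SafeFallback;
        }

        // Absolute URL: parse it and compare the parsed host (not a substring of the
        // raw string, which "http://www.ourserver.com@evil.example/" would defeat)
        // against the allow list; only http/https schemes are accepted.
        Uri absolute;
        if (Uri.TryCreate(candidate, UriKind.Absolute, out absolute)
            && (absolute.Scheme == Uri.UriSchemeHttp || absolute.Scheme == Uri.UriSchemeHttps)
            && AllowedHosts.Contains(absolute.Host, StringComparer.OrdinalIgnoreCase))
        {
            return absolute.AbsoluteUri;
        }

        // Anything else (external host, javascript:, data:, file:, malformed input).
        return SafeFallback;
    }
}
```

With this in place, the consultant's test URL `default_logged.aspx?Dir=http://www.anyexternalsite.com` lands on `/default.aspx` instead of the external site, while `Dir=/reports/list.aspx` still works.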