What issues can be found by scanning Web server?
Most commonly, web server are divided into two broad categories. The most widely known Microsoft (Microsoft Internet Information Services) family and the UNIX family category (Apache), and other types of services, such as: BEA WebLogic Server / Oracle Application Server / Biztalk Server and etc.
Following are common attacking methods which can be detect and found by Network Secure Scanner.
Operating System and related service vulnerabilities
Basically, the Web services are built on MicroSoft / UNIX like operating system platform. Therefore, the Network Secure Scanner is designed to audit scanning for the web server platform.
SQL Injection mostly caused by remote attacker. The attackers use character check vulnerability which cause negligence in post-invasion checks and use the database syntax to maliciously edit or delete the back-end database that affect the normal website operation.
Malicious attackers discover the weaknesses of buffer zone by exploiting the browser or protocol driver and read variable information of the buffer zone or mainframe environment by sending out the malicious packet.
Buffer overflow vulnerabilities, remote attackers can easily block victims browsers or affect the normal service, and get administration authority to control the victim’s computer.
Restriction Bypass occurs in website language such as PHP. Some version’s security restriction are imperfect that caused malicious attackers to get authority of victim’s computer easily through Restriction bypass vulnerability.
Function Code Execution
Function execute code vulnerability, malicious attackers check the weakness by executing function codes, causing the system to abnormally determine the privilege to perform any malicious codes.
Remote Code Execution
Remote command execution vulnerability, malicious attacker can host any executable program via remote access to Web browsing service to obtain host authority.
Elevated Object Access Vulnerability, remote malicious attacks can be enhanced through a number of permissions weaknesses, obtaining control of a higher authority from victim host pc.
Denial of Service vulnerability, the weaknesses are caused by submission of enormous service requests to web sites, or mis-configuration of system and services and placement of malicious websites, which impact on web server service provider or deny programs of the innocent browsing clients.
Author: Jason Lin
ISO/IEC 27001 Lead Auditor