Hi List,

Some days back I came across a very weird problem, and I am not able to figure it out. The security scanners scanned one of our public facing websites and they said that the webserver is vulnerable to HTTP methods or maybe webdav is enabled. I looked around the code and couldn't find anything. Below are my findings and approach:

1. Webdav module is not enabled at all on the webserver.

2.
    <Directory DOCROOT>
        <Limit GET POST OPTIONS>
            Order allow,deny
            Allow from all
        </Limit>
        <LimitExcept GET POST OPTIONS>
            Order deny,allow
            Deny from all
        </LimitExcept>
        AllowOverride None
        Order allow,deny
        Allow from all
    </Directory>

3. DELETE and PUT are disabled by rewrite rules

    RewriteCond %{REQUEST_METHOD} ^DELETE
    RewriteRule .* - [F,L]
    RewriteCond %{REQUEST_METHOD} ^PUT
    RewriteRule .* - [F,L]

4. Did a telnet test as well

    bash-3.2$ telnet x.x.x.x 8090
    Trying x.x.x.x....
    Connected to x.x.x.x..
    Escape character is '^]'.
    OPTIONS / HTTP/1.0

    HTTP/1.1 200 OK
    Date: Mon, 30 Jul 2012 18:50:02 GMT
    Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8l
    Allow: GET,HEAD,POST,OPTIONS,TRACE
    Content-Length: 0
    Connection: close

There are Tomcat applications as well behind this Apache instance. I looked into those as well, but couldn't find anything related to webdav in web.xml.

Am I missing something to rule out the possibility that Apache is not vulnerable to any of the HTTP methods? Or is there anything still which is throwing that stuff? Because we have to get rid of those vulnerabilities anyhow. Where else should I check?

Any comments or direction would be very helpful.

Thanks & Regards,
Bijayant Kumar
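
An added example, not part of the original post: a Python check that parses the OPTIONS response shown above and reports which advertised methods fall outside the `<Limit GET POST OPTIONS>` policy. It relies on two documented Apache behaviours (a GET entry in `<Limit>` also covers HEAD, and TRACE cannot be restricted by `<Limit>` but is controlled by `TraceEnable`); the function and constant names are hypothetical.

```python
# Added example: audit the Allow header of a captured OPTIONS response.
# ALLOWED mirrors the <Limit GET POST OPTIONS> block in the post; all
# helper names here are hypothetical and chosen for illustration.

ALLOWED = {"GET", "POST", "OPTIONS"}
# In Apache, a GET entry in <Limit> also governs HEAD.
IMPLIED = {"GET": {"HEAD"}}
# Apache documents that <Limit>/<LimitExcept> cannot restrict TRACE;
# the TraceEnable directive controls it instead.
FIX_HINT = {"TRACE": "not restrictable by <Limit>; set 'TraceEnable off'"}
DEFAULT_HINT = "review <LimitExcept> and backend handlers"

# The response from the telnet test in the post, embedded so this runs offline.
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Date: Mon, 30 Jul 2012 18:50:02 GMT\r\n"
    "Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8l\r\n"
    "Allow: GET,HEAD,POST,OPTIONS,TRACE\r\n"
    "Content-Length: 0\r\n"
    "Connection: close\r\n"
    "\r\n"
)

def advertised_methods(raw):
    """Return the set of methods named in any Allow header of a raw response."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    methods = set()
    for line in head.split("\n")[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "allow":
            methods.update(m.strip().upper() for m in value.split(",") if m.strip())
    return methods

def audit(raw, allowed=ALLOWED):
    """Map each advertised method outside the policy to a remediation hint."""
    permitted = set(allowed)
    for method in allowed:
        permitted |= IMPLIED.get(method, set())
    extra = advertised_methods(raw) - permitted
    return {m: FIX_HINT.get(m, DEFAULT_HINT) for m in sorted(extra)}

if __name__ == "__main__":
    for method, hint in audit(SAMPLE_RESPONSE).items():
        print(f"{method}: {hint}")
```

The Allow header only shows what the server advertises, so a clean result here should still be confirmed by sending each method and checking the status code returned.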