HTTP PUT Enabled, DORK, GHDB, Weak COnfiguration, primeworld.com

DORK Search, Google Hacking Database, Inept, Confused, Fools

Report generated by XSS.CX at Thu Apr 21 21:05:47 CDT 2011.


Hoyt LLC Research investigates and reports on security vulnerabilities embedded in Web Applications and Products used in wide-scale deployment.

XSS.CX Home | XSS.CX Research Blog
Loading

1. HTTP PUT enabled



1. HTTP PUT enabled

Summary

Severity:   High
Confidence:   Certain
Host:   http://primeworld.com
Path:   /

Issue detail

HTTP PUT is enabled on the web server. The file /7e3171d6f3b2563.txt was uploaded to the server using the PUT verb, and the contents of the file were subsequently retrieved using the GET verb.

Issue background

The HTTP PUT method is used to upload data which is saved on the server at a user-supplied URL. If enabled, an attacker can place arbitrary, and potentially malicious, content into the application. Depending on the server's configuration, this may lead to compromise of other users (by uploading client-executable scripts), compromise of the server (by uploading server-executable code), or other attacks.

Issue remediation

You should refer to your platform's documentation to determine how to disable the HTTP PUT method on the server.

Request 1

PUT /7e3171d6f3b2563.txt HTTP/1.0
Host: primeworld.com
Content-Length: 16

72aa57dd98e41b7f

Response 1

HTTP/1.1 201 Created
Connection: close
Date: Thu, 21 Apr 2011 21:05:57 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Location: http://primeworld.com/7e3171d6f3b2563.txt
Content-Length: 0
Allow: OPTIONS, TRACE, GET, HEAD, DELETE, PUT, COPY, MOVE, PROPFIND, PROPPATCH, SEARCH, LOCK, UNLOCK

Request 2

GET /7e3171d6f3b2563.txt HTTP/1.0
Host: primeworld.com

Response 2

HTTP/1.1 200 OK
Content-Length: 16
Content-Type: text/plain
Last-Modified: Thu, 21 Apr 2011 21:05:57 GMT
Accept-Ranges: bytes
ETag: W/"627fb6e8670cc1:114a"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 21 Apr 2011 21:05:56 GMT
Connection: close

72aa57dd98e41b7f

Report generated by XSS.CX at Thu Apr 21 21:05:47 CDT 2011.