Date: 2007-September-08 17:40:02
 WebRavor RTM Edition 2.0 (Build 1560)

 Copyright (C) SecDomain Incorporated 2005-2007.

 

Scan Summary HTML Version
Domain webravor.com
Web Host http://demo.webravor.com:80/


Vulnerabilities Summary

High Vulnerabilities 1
Mid Vulnerabilities 0
Low Vulnerabilities 0

Total 1

Risk Level: Critical

1. The application is probably vulnerable to SQL injection. An attacker can read database contents without authorization (user names, password hashes and other user information, as the tables dumped below show) and, depending on the privileges of the database account the application uses, may be able to execute commands on the underlying operating system.


 Solutions

1. Code examination. Locate every place where a request parameter (here newscode) is concatenated into a SQL statement and replace the concatenation with a bound parameter (a JDBC PreparedStatement in the JSP case). Filtering the input for "sensitive" words such as and, or, select is not sufficient on its own: a single quote is enough to break the query, the word list can be evaded, and it rejects legitimate input. Where a parameter has a known shape (newscode is a numeric code), validate it against that shape before use, in addition to binding.

2. Restrict the database account the application connects with. It should not be a DBA account; grant it only the rights it needs on its own tables.

3. Restrict data dictionary access for normal (non-privileged) DB users (on Oracle, set O7_DICTIONARY_ACCESSIBILITY to FALSE and review grants on SYS-owned views).

4. Deploy application intrusion detection or a web application firewall as a supplementary control, not as a replacement for fixing the code.
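The following is an added example and is not part of the WebRavor report or the scanned site's code. It reproduces the bug class behind finding ORACLE_CHAR_TYPE_1 (a request parameter spliced into a character-typed SQL comparison) beside the bound-parameter fix and the validation from Solution 1, on an in-memory SQLite database that stands in for the Oracle instance. The NEWS table, its rows, the shape of the news query and the payloads are constructed for the example; only the T_USERINFO column and row values are taken from the report.

```python
"""Added example, not part of the WebRavor report or the scanned site's code.

Reproduces the bug class behind finding ORACLE_CHAR_TYPE_1 (a request
parameter spliced into a character-typed SQL comparison) on an in-memory
SQLite database standing in for the Oracle instance.  Assumptions: the NEWS
table, its rows and the shape of the news query are constructed here; the
T_USERINFO column and row values are the ones the report shows.
"""
import re
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed stand-in schema: a NEWS table plus T_USERINFO (three of the
    eight columns the report lists, with the two rows it shows)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE NEWS (NEWSCODE TEXT, TITLE TEXT);
        INSERT INTO NEWS VALUES ('4387', 'Quarterly results');
        INSERT INTO NEWS VALUES ('4388', 'New office opens');
        CREATE TABLE T_USERINFO (EPID TEXT, DOMAIN TEXT, EPNAME TEXT);
        INSERT INTO T_USERINFO VALUES ('001', NULL, 'ABC, Inc.');
        INSERT INTO T_USERINFO VALUES ('002', NULL, 'BBC, Co.');
        """
    )
    return conn


def news_vulnerable(conn: sqlite3.Connection, newscode: str) -> list:
    """The pattern the finding describes: newscode is pasted into a quoted
    literal, so a single quote in the input terminates the literal and the
    rest of the input is parsed as SQL."""
    sql = "SELECT NEWSCODE, TITLE FROM NEWS WHERE NEWSCODE = '" + newscode + "'"
    return conn.execute(sql).fetchall()


def news_safe(conn: sqlite3.Connection, newscode: str) -> list:
    """The fix: a bound parameter (JDBC PreparedStatement in the JSP case).
    The value travels separately from the statement and is never parsed as SQL."""
    sql = "SELECT NEWSCODE, TITLE FROM NEWS WHERE NEWSCODE = ?"
    return conn.execute(sql, (newscode,)).fetchall()


KEYWORDS = ("and", "or", "select")


def keyword_filter_passes(value: str) -> bool:
    """Solution 1 of the report taken literally: reject input that contains
    the words and/or/select (case-insensitively, to be generous to it)."""
    low = value.lower()
    return not any(k in low for k in KEYWORDS)


def newscode_is_valid(value: str) -> bool:
    """Positive validation: a news code is a short run of digits, nothing else.
    Use this in addition to, never instead of, parameter binding."""
    return re.fullmatch(r"[0-9]{1,10}", value) is not None


def quote_probe_breaks_query(conn: sqlite3.Connection) -> bool:
    """A lone quote appended to a valid code.  Against the vulnerable query it
    yields a syntax error (the kind of response a scanner keys on); it contains
    none of the blacklisted words, so the keyword filter lets it through."""
    try:
        news_vulnerable(conn, "4387'")
    except sqlite3.OperationalError:
        return True
    return False


# Constructed UNION payload of the kind the dumped tables imply: close the
# literal, append a second SELECT over T_USERINFO, comment out the trailing quote.
UNION_PAYLOAD = "4387' UNION ALL SELECT EPID, EPNAME FROM T_USERINFO --"


def demo() -> dict:
    """Run every case once and return the outcomes by name."""
    conn = make_db()
    return {
        "vulnerable_leaks": news_vulnerable(conn, UNION_PAYLOAD),
        "safe_returns": news_safe(conn, UNION_PAYLOAD),
        "quote_probe_errors": quote_probe_breaks_query(conn),
        "keyword_filter_passes_probe": keyword_filter_passes("4387'"),
        "validation_rejects_probe": not newscode_is_valid("4387'"),
    }


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, "=>", outcome)
```

With the concatenated query the UNION payload returns the news row followed by the T_USERINFO rows; the bound-parameter version returns nothing, because no news code equals the whole payload string. The quote probe shows why the word list alone is not a defence: it carries none of the listed words, yet it already breaks the concatenated query, while the digit check rejects it.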


High Vulnerability
Name:  ORACLE_CHAR_TYPE_1
URL:   http://demo.webravor.com:80/newssystem/newscontent.jsp?newstype=0&newscode=4387
Level: Critical

Database Connection Properties
URL:           http://demo.webravor.com:80/newssystem/newscontent.jsp?newstype=0&newscode=4387
Instance Name: uplot
User Name:     ID5

Tables (86 total)
URL: http://demo.webravor.com:80/newssystem/newscontent.jsp?newstype=0&newscode=4387

Name               Total Columns   Column Names
IDTAGUSER*         No Data         No Data
USER_CARD*         No Data         No Data
NX_USERINFO*       No Data         No Data
UNION_ADMIN_USER*  No Data         No Data
T_USERINFO*        8               EPID, EPTYPE, ASPID, USERFLG, DOMAIN, EPNAME, FLAG, AREACODE
USER_CARD_AUTH*    No Data         No Data
USER_FLOW*         No Data         No Data
USER_CARD_LOG*     No Data         No Data

Content of Table [T_USERINFO*] (16 rows total; 2 shown)
ID   DOMAIN  EPNAME
001  (NULL)  ABC, Inc.
002  (NULL)  BBC, Co.

Audit

Audit Name                   Summary
CheckdbsnmpPassword          (*)Warning: DBSNMP user is using the default SNMP password!
CheckSysPassword             SYS user is not using a default SYS password
CheckSystemPassword          SYSTEM user is not using a default SYSTEM password

Audit Name                   Total   Details
GetAllUserCount              13
    CE?TER
    DBSNMP
    ID5
    OUTLN

GetAllUserPasswordHashCount  34
    *DBA|NULL
    *CONNECT|NULL
    *AQ_USER_ROLE|NULL
    *DELETE_CATALOG_ROLE|NULL
    *PUBLIC|NULL
    *OEM_MONITOR|NULL
    *EXECUTE_CATALOG_ROLE|NULL
    *IMP_FULL_DATABASE|NULL
    *EXP_FULL_DATABASE|NULL
    *HS_ADMIN_ROLE|NULL
    ARS|CE4A36B8E06CA59C

Audit Name                   Summary
GetAUDITSYSOPERATIONSPara    Oracle AUDIT_SYS_OPERATIONS parameter is set to TRUE
GetDictionaryAccessPara      (*)Warning: Oracle dictionary access is wide open!

Audit Name                   Total   Details
GetPrivilegeCount            160
    ADVISOR
    ADMINISTER SQL TUNING SET

Audit Name                   Summary
GetServerLen                 GZT-oracle
GetSQL92Para                 (*)Warning: Oracle SQL92_SECURITY parameter is set to FALSE.

WebRavor 2.0 (Build 1560). This copy is licensed to SecDomain Incorporated.