Vulnerability patch. How to apply it?

         

hanyaz

1:45 pm on Feb 6, 2009 (gmt 0)

10+ Year Member



Hello,
I am using a script for one of my websites, and it has a known vulnerability. I looked around and found a site giving a piece of code to fix that. I've got no idea where to insert that, in .htaccess or in the script itself...
I have root access to the server where I am hosted.

Here is the code I found:

SQL Injection
SecRule REQUEST_URI "/(selloffers|buyoffers|products|profiles)\.php" chain
SecRule ARGS:cid "((select|grant|delete|insert|drop|alter|replace|truncate|update|create|rename|describe)[[:space:]]+[A-Z|a-z|0-9|\*| |\,]+[[:space:]]+(from|into|table|database|index|view)[[:space:]]+[A-Z|a-z|0-9|\*| |\,]|\'|UNION.*SELECT.*FROM)"

Thanks for any help
hanyaz

STeeL

3:40 pm on Feb 6, 2009 (gmt 0)

10+ Year Member



This looks like something that would have to go into .htaccess. mod_security has to be enabled on your server for it to work, so you might want to read about it.

[edited by: dreamcatcher at 7:07 pm (utc) on Feb. 6, 2009]
[edit reason] No personal urls, thanks. [/edit]

Frank_Rizzo

3:43 pm on Feb 6, 2009 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



That is a modsecurity rule.

It is not a patch - it is just a rule which will prevent the exploit from reaching the vulnerable app.

You have two options here. The first is to 'fix the app'.

The second is where you add that rule to your modsecurity ruleset. But you can only do that if you have modsecurity installed.
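
Added example, not part of any post in this thread: a small Python model of the two chained conditions in the posted rule, run over constructed requests, to show which requests the rule would act on and which it never inspects. Assumptions: only query-string arguments are read, [[:space:]] is rewritten as \s because Python's re has no POSIX classes, and the names rule_matches, CHARS and SAMPLES are illustrative.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Rule 1 of the chain: the scripts the rule applies to (pattern from the post).
URI_RE = re.compile(r"/(selloffers|buyoffers|products|profiles)\.php")

# Rule 2: the pattern tested against ARGS:cid. POSIX [[:space:]] is written
# as \s here because Python's re module has no POSIX character classes.
CHARS = r"[A-Z|a-z|0-9|\*| |\,]"
CID_RE = re.compile(
    r"((select|grant|delete|insert|drop|alter|replace|truncate|update|create"
    r"|rename|describe)\s+" + CHARS + r"+\s+"
    r"(from|into|table|database|index|view)\s+" + CHARS +
    r"|\'|UNION.*SELECT.*FROM)"
)


def rule_matches(url):
    """True when both chained conditions match, i.e. ModSecurity would apply
    the rule's action. Simplification: only query-string arguments are read."""
    parts = urlsplit(url)
    request_uri = parts.path + ("?" + parts.query if parts.query else "")
    if not URI_RE.search(request_uri):
        return False  # first rule fails, so the chained rule is never evaluated
    # parse_qs URL-decodes the values, as ModSecurity does when filling ARGS.
    cids = parse_qs(parts.query, keep_blank_values=True).get("cid", [])
    return any(CID_RE.search(value) for value in cids)


# Constructed sample requests (not taken from the thread).
SAMPLES = [
    "/products.php?cid=12",                         # ordinary numeric id
    "/products.php?cid=12%27",                      # decoded value ends in '
    "/selloffers.php?cid=1+UNION+SELECT+a+FROM+b",  # UNION ... SELECT ... FROM
    "/profiles.php?cid=O%27Brien",                  # harmless value, still matches
    "/other.php?cid=12%27",                         # script outside the URI list
    "/products.php?page=12%27",                     # parameter other than cid
]

if __name__ == "__main__":
    for url in SAMPLES:
        verdict = "MATCH" if rule_matches(url) else "pass"
        print(f"{verdict:5}  {url}")
```

The last two samples show the scope of the rule: it inspects one parameter on four scripts, which is why fixing the application remains the other option named above.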

hanyaz

3:50 pm on Feb 6, 2009 (gmt 0)

10+ Year Member



Thanks guys for your suggestions, I think I'll go for modsecurity installation if it is not that difficult.