Malicious input can come from unexpected places.
In a recent penetration test, we were able to gain administrative access to a client’s WordPress installation by exploiting a known SQL injection vulnerability (CVE-2015-2314), which allowed unauthorised access to download usernames and password hashes. Often in tests against WordPress installations, this provides us with enough access to inject malicious code into the site’s template files and gain remote code execution privileges on the operating system hosting the site.
Following reports yesterday that Windows users are at risk from the ‘SandWorm’ vulnerability, another issue that will affect a large part of the web was released last night. Dubbed ‘Poodle’, it is a vulnerability in SSL 3.0, an old protocol version that is still in use by web browsers and servers. Discovered by Google researchers*, Poodle (Padding Oracle On Downgraded Legacy Encryption) has been in existence for 15 years within SSL version 3.0. While many websites will default to supporting other protocols such as Transport Layer Security (TLS) these days, many still use SSL 3.0, making this a significant security risk for users.
You will no doubt have seen the news by now that an international operation by law enforcement and security firms has gained control of one of the world’s largest botnets, but what are the implications for businesses and computer users?
Many people are aware of how Cross-Site Request Forgery can be used to turn a victim’s browser against a vulnerable application; however, vulnerabilities also exist that can turn an application server itself against the infrastructure that it is connected to.