Thanks Jian! I'm going to pass this to my boss and see what he says. Thanks again! Kelly
On Mon, Sep 17, 2012 at 12:55 PM, Jian Huang <[email protected]> wrote:

> Hi Kelly,
>
> Most of Management would first validate the current user session before
> allowing additional functions. However, there might be areas that do not
> verify that.
>
> There is something a system administrator can do in IIS by only granting
> access to certain pages should the request come from localhost (127.0.0.1),
> which is initiated from an asp page that verifies the login session.
>
> http://support.microsoft.com/kb/324066
>
> For example:
>
> addfile.asp calls uploadfile.asp
>
> uploadfile.asp is vulnerable to XSS should the correct parameter be
> provided.
>
> Lock down uploadfile.asp via IIS by only granting it access should the
> request come from 127.0.0.1.
>
> Since addfile.asp validates the user session, the user would have to be
> able to log in in order to use the functionality.
>
> Besides, it takes 7 to 8 specifically named parameters to correctly invoke
> any .asp pages in CMS.
>
> -Jian
>
>
> On Monday, September 17, 2012 12:05:03 PM UTC-4, Kelly Burns wrote:
>>
>> Hi Richard - I'm replying back via email to explain. Thanks, Kelly
>>
>>
>> On Monday, September 17, 2012 9:34:30 AM UTC-5, Kelly Burns wrote:
>>>
>>> Hi guys - I am sure somebody has run into this before; but I am at a
>>> complete "dead end" here and need to resolve this before our upcoming IT
>>> Audit. :(
>>>
>>> Our IT Audit firm found our Web Site Management Server 10.1 SP2 (with
>>> SQL 2008 db) poses a "significant security risk", in that it allows cross
>>> site scripting (aka "XSS") to occur in the classic ASP portions of the app.
>>> Obviously I need to correct this before our *next* audit (next month).
>>>
>>> Last September, when the audit found this info, I submitted this as a
>>> ticket for resolution to OpenText Support. They said they would forward the
>>> issue to development for analysis (this was a year ago). I realized I'd
>>> not heard back from them on this issue & checked back on it this week. The
>>> response was:
>>>
>>> *"This ticket was linked to a BUG ID: WSGMS-8216 currently there is no
>>> resolution or much analysis on the issue, but it is now tracked by OpenText
>>> and you can always use the aforementioned ID to track its status."*
>>>
>>> I searched all over the OpenText KB for the bug, but it is not even listed
>>> anyplace that I could find. I was hoping that surely *somebody* has had
>>> the same issue and posted a workaround *somewhere* by now. :-( Well, if
>>> it exists, I still haven't found it!
>>>
>>> Has anyone else dealt with this? If so, what, if anything, did you do to
>>> secure RedDot properly?
>>>
>>> Thanks in Advance!
>>> Kelly
>>>
>>>
>>> --
> You received this message because you are subscribed to the Google Groups
> "RedDot CMS Users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/reddot-cms-users/-/yQ34iuPHUtoJ.
> To post to this group, send email to [email protected].
> To unsubscribe from this group, send email to
> [email protected].
> For more options, visit this group at
> http://groups.google.com/group/reddot-cms-users?hl=en.
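The loopback-only lockdown Jian describes, written out for IIS 7 and later as an added example; this is not code from the thread, from OpenText or from the RedDot product. KB 324066 walks through the IIS 6 MMC dialog for the same setting; on IIS 7+ the equivalent is the ipSecurity section of applicationHost.config, scoped to a single file with a location element, which PowerShell's WebAdministration module can write. The site name "Default Web Site", the application path "CMS" and the URL used in the final probe are assumptions; addfile.asp and uploadfile.asp are the file names from Jian's message. Run it in an elevated PowerShell on the Management Server.

```powershell
# Added example, not from the thread or from OpenText: restrict one classic ASP
# page so IIS only serves it to requests arriving from the loopback address.
# Assumed: site "Default Web Site", CMS application path "CMS" (adjust both).

Import-Module WebAdministration

# "IP and Domain Restrictions" is an optional IIS role service; the ipSecurity
# section is ignored until it is installed. (ServerManager module; on Windows
# Server 2008 R2 the cmdlet is Add-WindowsFeature instead.)
Import-Module ServerManager
if (-not (Get-WindowsFeature Web-IP-Security).Installed) {
    Install-WindowsFeature Web-IP-Security
}

$appHost  = 'MACHINE/WEBROOT/APPHOST'               # applicationHost.config
$location = 'Default Web Site/CMS/uploadfile.asp'   # assumed site/app/file
$filter   = 'system.webServer/security/ipSecurity'

# Deny every unlisted address, but only for this one file. Writing the rule at
# APPHOST scope with -Location keeps it out of the CMS's own web.config and
# sidesteps the fact that ipSecurity is locked (overrideModeDefault="Deny")
# for web.config files by default.
Set-WebConfigurationProperty -PSPath $appHost -Location $location -Filter $filter `
    -Name 'allowUnlisted' -Value $false

# Allow the loopback addresses, which is where a server-side call made by
# addfile.asp originates. ::1 is included because "localhost" can resolve to
# the IPv6 loopback on Windows Server 2008 and later.
foreach ($ip in '127.0.0.1', '::1') {
    Add-WebConfigurationProperty -PSPath $appHost -Location $location -Filter $filter `
        -Name '.' -Value @{ ipAddress = $ip; allowed = $true }
}

# Verify what IIS now holds for the file: allowUnlisted=false plus two allow entries.
Get-WebConfigurationProperty -PSPath $appHost -Location $location -Filter $filter `
    -Name 'allowUnlisted'
Get-WebConfiguration -PSPath $appHost -Location $location -Filter "$filter/add" |
    Select-Object ipAddress, allowed

# Local probe (assumed URL). The request comes from loopback, so the IP rule
# lets it through and whatever uploadfile.asp does with no parameters is what
# you see. Repeat the same request from a workstation: IIS must answer
# 403 (substatus 403.6, "IP address rejected") before the ASP page executes.
try {
    Invoke-WebRequest -Uri 'http://localhost/CMS/uploadfile.asp' -UseBasicParsing |
        Select-Object StatusCode
} catch {
    Write-Output "local probe: $($_.Exception.Message)"
}
```

Two things to confirm before relying on this. First, how addfile.asp actually reaches uploadfile.asp: if it makes a server-side HTTP request to its own host, that request arrives from loopback and passes; if it uses Server.Execute or Server.Transfer, the hand-off happens inside the ASP engine and the IP rule is never consulted (which is fine); but if it simply redirects the user's browser to uploadfile.asp, the request arrives from the user's address and the rule breaks the feature. Second, anything else running on the same box (a reverse proxy such as ARR, a scheduled job) also presents as 127.0.0.1 and gets the same pass. The rule narrows who can reach the page; it does not remove the XSS, which still needs the page to HTML-encode what it reflects, so keep the OpenText bug open.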
