: Host header vulnerability reported by Acunetix Scanner I am getting ready to launch a small web app and decided to scan the site with the Acunetix Web Vulnerability Scanner. I was quite pleased

I am getting ready to launch a small web app and decided to scan the site with the Acunetix Web Vulnerability Scanner. I was quite pleased with the results for the most part, but the scanner reports a high level security issue with the setting of the Host header. The scanner provides the following link for more information www.skeletonscribe.net/2013/05/practical-http-host-header-attacks.html
Far as I can tell the vulnerability comes into play if you are using the host header to generate URLs, be they urls inserted into sent emails or inserted into pages.

Am I correct in thinking that this is not an issue for a web app that is not using the Host header to create urls in any way?

10.02% popularity Vote Up Vote Down

: Is medium-resolution a good middle ground for web images? I'm used to thinking of hi-res 300 ppi and above, and lo-res, 72 or 96. But today I got an image that was 240 ppi, and da boss

@Ann8826881

Posted in: #Images #Resolution

1 Comments

: ISAPI_Rewrite is a URL rewriter for Microsoft IIS, from Helicon Tech.

@Ann8826881

0 Comments

: Www.example.com showing a 404 error while example.com is working when set up through cPanel I set up a recent (Wordpress) project on Microsoft Azure with a domain from 123-reg. When I set up

@Ann8826881

Posted in: #Dns #Iis #Subdomain #Wordpress

2 Comments

: Geotarget global audience with .com.au We were trying to buy our .com.au in .com form but it's taken already. Is there a way to set a .com.au to have a global geotarget? Does a .com have

@Ann8826881

Posted in: #Geotargeting #Seo #TopLevelDomains

1 Comments

Login to post a comment!

2 Comments

Sorted by latest first Latest Oldest Best

@Alves908

When Acunetix detects a vulnerability, it generally provides additional information, including the parameters that were used to detect the vulnerability. This allows you to replicate the vulnerability manually, possibly using the manual penetration testing tools included with Acunetix such as the HTTP Editor.

Check the following Acunetix post on Host Header Injection: www.acunetix.com/blog/web-security-zone/articles/automated-detection-of-host-header-attacks/
You might want to contact the Acunetix support team, and provide them with additional details on the vulnerability.

10% popularity Vote Up Vote Down

@Margaret670

If the webapp (including any framework it was built on top of) doesn't use the Host header or anything derived from it (like SERVER_NAME) then the attacks described are not possible.*

However, if this were the case, Acunetix shouldn't really be raising this vulnerability on your scan, especially without providing any evidence.

*If the webapp is intended to only be accessible from an internal network then you should validate the host header anyway, to prevent external attackers from gaining access to it using DNS rebinding.

10% popularity Vote Up Vote Down

Feed

: Host header vulnerability reported by Acunetix Scanner I am getting ready to launch a small web app and decided to scan the site with the Acunetix Web Vulnerability Scanner. I was quite pleased

More posts by @Ann8826881

: Is medium-resolution a good middle ground for web images? I'm used to thinking of hi-res 300 ppi and above, and lo-res, 72 or 96. But today I got an image that was 240 ppi, and da boss

: ISAPI_Rewrite is a URL rewriter for Microsoft IIS, from Helicon Tech.

: Www.example.com showing a 404 error while example.com is working when set up through cPanel I set up a recent (Wordpress) project on Microsoft Azure with a domain from 123-reg. When I set up

: Geotarget global audience with .com.au We were trying to buy our .com.au in .com form but it's taken already. Is there a way to set a .com.au to have a global geotarget? Does a .com have

Login to post a comment!

2 Comments

Back to top | Use Dark Theme