Report for http://www.fao.com/product/index.jsp?productId=3262833 (Generated on 2013-08-30 17:32:19 -0400)

Found a false positive? Report it here.

Summary

Graphs
Issues [1]

[1] Blind SQL Injection (differential analysis) (Trusted — Severity: High)

SQL code can be injected into the web application even though it may not be obvious due to suppression of error messages.

In header input User-Agent using GET at http://www.fao.com/product/index.jsp?productId=3262833.

Configuration

Settings

Version: 1.0dev
Revision: 0.2.8
Audit started on: Fri Aug 30 16:37:14 2013
Audit finished on: Fri Aug 30 17:23:12 2013
Runtime: 00:45:58

Runtime options

URL: http://www.fao.com/product/index.jsp?productId=3262833
User agent: Arachni/v1.0dev

Audited elements	Modules	Filters	Cookies
Links Forms Headers	sqli_blind_rdiff	Exclude: N/A Include: N/A Redundant: N/A	JSESSIONID = TYTlSkNBDM82DwzZJNvf4yz29Sp94TQydrvL1pW1FcfQ1TvlvVPQ!-1874741247 browser_id = 236445014523 rvdata = XR79534053185a401a0f4f1a175b0a0a0304

Trusted issues

At the time these issues were logged there were no abnormal interferences or anomalous server behavior.
These issues are considered trusted and fairly accurate.

[1] Blind SQL Injection (differential analysis)

Module name: Blind SQL Injection (differential analysis)
(Internal module name: BlindrDiffSQLInjection)
Affected variable: User-Agent
Affected URL: http://www.fao.com/product/index.jsp?productId=3262833
HTML Element: header
Requires manual verification?: No

CWE: 89
(http://cwe.mitre.org/data/definitions/89.html)
Severity: High
CVSSV2: 9.0

References

OWASP - http://www.owasp.org/index.php/Blind_SQL_Injection
MITRE - CAPEC - http://capec.mitre.org/data/definitions/7.html

Description

SQL code can be injected into the web application even though it may not be obvious due to suppression of error messages.

Remedial guidance

Suppression of error messages leads to security through obscurity which is not a good practise. The web application needs to enforce stronger validation on user inputs.

[+] Variation 1

Affected URL:

http://www.fao.com/product/index.jsp?productId=3262833

Injected value:

 Arachni/v1.0dev))) and  1=1

Regular expression:

Headers

Request

Response

Accept	text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Encoding	gzip, deflate
User-Agent	Arachni/v1.0dev))) and 1=1
Cookie	JSESSIONID=TYTlSkNBDM82DwzZJNvf4yz29Sp94TQydrvL1pW1FcfQ1TvlvVPQ!-1874741247;browser_id=236445014523;rvdata=XR79534053185a401a0f4f1a175b0a0a0304

Date	Mon, 02 Sep 2013 18:25:05 GMT
Server	Apache/2.0.64 (Unix)
Cache-Control	no-cache="set-cookie"
Pragma	no-cache
P3p	CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
Set-Cookie	rvdata=XR79534053185a401a0f4f1a175b0a0a0304; expires=Saturday, 20-Sep-2081 21:39:12 GMT; path=/
Content-Language	en-US
X-Powered-By	Servlet/2.5 JSP/2.1
Vary	Accept-Encoding
Content-Encoding	gzip
X-Ua-Compatible	IE=EmulateIE7
Connection	close
Transfer-Encoding	chunked
Content-Type	text/html; charset=ISO-8859-1

Untrusted

These issues are considered untrusted (and may in fact be false positives) because at the time they were identified the server was exhibiting some kind of anomalous behavior or there was third part interference (like network latency for example).
The listed issues need verification by a human.

No untrusted issues have been logged.

Plugin results

Resolver
Health map

                            Resolves vulnerable hostnames to IP addresses.

Results

Hostname	IP Address
www.fao.com	63.240.110.215

                            Generates a simple list of safe/unsafe URLs.

http://www.fao.com/product/index.jsp
http://www.fao.com/product/index.jsp?productId=3262833

Stats

Total: 2
Safe: 1
Unsafe: 1
Issue percentage: 50%

Sitemap

URL List

1 pages

http://www.fao.com/product/index.jsp?productId=3262833