What's up everyone. I'm quite new to doing Responsible Disclosures and I was wondering if anyone could help answer my question.
I found the /phpinfo.php page in of the domains I was testing was public. Now, the organization I'm doing these disclosures for specifies that reporting info.php files with version information isn't necessarily important enough for them to take action, however "one possible exception in this scenario is when the version information reveals that the system uses software that contains known vulnerabilities".
So the thing is, within the info.php file a lot of system information can be read, including directory paths, the server's real IP and installed modules running on older versions with known CVE's. My question: is it possible for me to prove these vulnerabilities are still active and are of possible risk to the system? Some of the modules (some with vulnerabilities) installed are things like BZip2 (CVE-2022-23219), Libxml (CVE-2017-7375), Iconv/Glibc (CVE-2022-23219), MySQL (https://imgur.com/a/pVP94ZX) and many more.
I have practically no knowledge on PHP (version 7.3.33, no known vulnerabilities), and I'm not sure how to proceed with this information; do I report this or are these vulnerabilities of no risk? Do I first show these vulnerabilities are able to be exploited? Is other information on the system (file paths, IP-addresses, and more) able to be exploited by potential attackers?
I'm really sorry for my naivety, I'm trying to learn:)
[link] [comments]
from hacking: security in practice https://ift.tt/4EfBGvm
Comments
Post a Comment