Welcome Guest! To enable all features please Login or Register.

Notification

Icon
Error

Turn Off Debug
renegade
#1 Posted : Monday, July 11, 2016 3:09:03 PM(UTC)
Groups: Member
Joined: 7/11/2016(UTC)
Posts: 5

Thanks: 1 times
We have a security vulnerability scanner that runs which picked up three ports 5677, 7756, and 56777. I read "Port 7756 is reserved for some features of the Ultidev Web Server and we do not expose or document a way to disable it." from a pervious post.

Is there a way to turn off the three ports and the debugging part for port 7756?

Not sure if it may help but here is the print out from the scanner:

**********************************************************************

• Synopsis
The DEBUG method is enabled on the remote host.

• Description
It is possible to send debug statements to the remote ASP scripts. An attacker might use this to alter the runtime of the remote scripts.

• Solution
Make sure that DEBUG statements are disabled or only usable by authenticated users.

• See Also

o Links: microsoft.com

• Plugin Output

The request
DEBUG /Default.aspx HTTP/1.1
Host: ******************
Accept-Charset: iso-8859-1,utf-8;q=0.9,*;q=0.1
Accept-Language: en
Command: stop-debug
Connection: Close
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Pragma: no-cache
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*


Produces the following output :
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 2
Content-Type: text/html; charset=utf-8
Server: UltiDev Web Server Pro (3.0.0.20) Microsoft-HTTPAPI/2.0
X-AspNet-Version: 2.0.50727
Date: Mon, 04 Jul 2016 13:28:18 GMT
Connection: close


OK
************************************************************************
Ultidev Team
#2 Posted : Tuesday, July 12, 2016 1:50:35 PM(UTC)
Ultidev Team

Groups: Administration
Joined: 11/3/2005(UTC)
Posts: 2,247

Thanks: 28 times
Was thanked: 55 time(s) in 54 post(s)
Hi,

UWS cannot execute legacy ASP scripts. It can only execute compiled .NET binaries. If enabled DEBUG is a threat only with old ASP scripts enabled, UWS is not affected.

Best regards,
UltiDev Team.
Please donate at http://www.ultidev.com/products/Donate.aspx to help us improve our products.
renegade
#3 Posted : Tuesday, July 12, 2016 2:42:29 PM(UTC)
Groups: Member
Joined: 7/11/2016(UTC)
Posts: 5

Thanks: 1 times
Is there any way of turning these ports off within a configuration file or turn off Debugging?
Ultidev Team
#4 Posted : Wednesday, July 13, 2016 8:43:18 AM(UTC)
Ultidev Team

Groups: Administration
Joined: 11/3/2005(UTC)
Posts: 2,247

Thanks: 28 times
Was thanked: 55 time(s) in 54 post(s)
Hi,

Disabling these ports will disable redirection functionality used by shortcut icons created for applications registered with UWS. Before we go any further, could you please tell whether you ran port scan using localhost/127.0.0.1 address, or real machine IP or host name?

Best regards,
UltiDev Team.
Please donate at http://www.ultidev.com/products/Donate.aspx to help us improve our products.
renegade
#5 Posted : Wednesday, July 13, 2016 12:36:36 PM(UTC)
Groups: Member
Joined: 7/11/2016(UTC)
Posts: 5

Thanks: 1 times
The scanner is running on a separate server and it uses the IP address for it's target.
Ultidev Team
#6 Posted : Thursday, July 14, 2016 9:54:23 AM(UTC)
Ultidev Team

Groups: Administration
Joined: 11/3/2005(UTC)
Posts: 2,247

Thanks: 28 times
Was thanked: 55 time(s) in 54 post(s)
Replied privately by email.
Please donate at http://www.ultidev.com/products/Donate.aspx to help us improve our products.
1 user thanked Ultidev Team for this useful post.
renegade on 8/10/2016(UTC)
renegade
#7 Posted : Friday, July 15, 2016 9:30:44 AM(UTC)
Groups: Member
Joined: 7/11/2016(UTC)
Posts: 5

Thanks: 1 times
Thank you. Currently going over some testing to see if this will affect anything.
Ultidev Team
#8 Posted : Monday, July 18, 2016 10:02:20 AM(UTC)
Ultidev Team

Groups: Administration
Joined: 11/3/2005(UTC)
Posts: 2,247

Thanks: 28 times
Was thanked: 55 time(s) in 54 post(s)
Thanks. Please let us know what you found.

Best regards,
UltiDev Team.
Please donate at http://www.ultidev.com/products/Donate.aspx to help us improve our products.
dsiskAV
#9 Posted : Tuesday, July 26, 2016 10:20:04 AM(UTC)
Groups: Member
Joined: 7/26/2016(UTC)
Posts: 1

We have a customer reporting the same issue. Can I get an update on a possible solution (private email is fine)?

Thanks,
David
Ultidev Team
#10 Posted : Tuesday, July 26, 2016 10:27:44 AM(UTC)
Ultidev Team

Groups: Administration
Joined: 11/3/2005(UTC)
Posts: 2,247

Thanks: 28 times
Was thanked: 55 time(s) in 54 post(s)
We recommend turning on software firewall on the host computer and block desired ports. That's the least invasive way. Windows software firewall, for example, has programmable API that allows blocking ports without user interaction. Doing it via UWS configuration is invasive, leads to lost functionality and unsupported.

Best regards,
UltiDev Team.
Please donate at http://www.ultidev.com/products/Donate.aspx to help us improve our products.
renegade
#11 Posted : Wednesday, August 10, 2016 1:13:01 PM(UTC)
Groups: Member
Joined: 7/11/2016(UTC)
Posts: 5

Thanks: 1 times
The problem has been fixed running the command that I was given in a private email. Thank you all to have helped.
gmohela
#12 Posted : Tuesday, August 29, 2017 5:26:50 PM(UTC)
Groups: Member
Joined: 8/29/2017(UTC)
Posts: 1

Can someone please provide me with the command sent via private email. Thanks
Rss Feed  Atom Feed
Users browsing this topic
Guest (2)
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You can vote in polls in this forum.