The signature for the "Improper Error Handling(*)" detects the vulnerability by checking if a default error message is displayed in the response during scanning.
Once the default error message is displayed, what kind of middleware the application uses and the version information, etc. can be identified from the message content. Therefore, an attacker can exploit the vulnerability specific to the middleware.
Assuming that a certain error will occur by manipulating parameter values, this signature determines whether or not responses contain strings that can be inferred as the default error or considered as the middleware information.
Since it is mechanical determination, Detected reason of Vex (a string that may appear in the default error) can be incidentally same as a string which is not an error message, such as a random string generated by the application side.
Follow the steps below to make sure the detection contents.
[Steps]
1. Click the "Detail" button in the scan result screen
->The right pane displays the details of the results.
2. The value determined as a detection is shown in the "Detected reason" field.
3. Check this content and determine if the detection is positive or false positive.
*In versions prior to Vex7.2.2.0, the category name is written as "Error Code".
Comments
0 comments
Please sign in to leave a comment.