
EXTERNAL SERVICE INTERACTION (DNS)

Rajiv Sep 19, 2019 12:52PM UTC

Hi Team,

I am facing the below issue in my project. Please suggest the possible solution.

Description:
It is possible to induce the application to perform server-side DNS lookups of arbitrary domain names.
The payload yacfs4cj5ocyq9mho4v2xqtq2h8bw3kwjk97zvo.burpcollaborator.net was submitted in the SSL SNI value and the HTTP Host header.
The application performed a DNS lookup of the specified domain.
The behavior appears to be asynchronous, and the Collaborator interaction occurred approximately 3 hours after the scan of the item was completed.

Remediation:
You should review the purpose and intended use of the relevant application functionality, and determine whether the ability to
trigger arbitrary external service interactions is intended behavior. If so, you should be aware of the types of attacks that can be performed via this
behavior and take appropriate measures. These measures might include blocking network access from the application server to other internal
systems, and hardening the application server itself to remove any services available on the local loopback adapter.
If the ability to trigger arbitrary external service interactions is not intended behavior, then you should implement a whitelist of permitted services
and hosts, and block any interactions that do not appear on this whitelist.


Thanks,
Rajiv
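The remediation quoted above recommends an allowlist of permitted hosts. As an added example (not code from this thread or from Burp), here is a Host header validator that canonicalises the header, rejects IP literals and malformed names, and only returns a hostname that is on a constructed allowlist; the `ALLOWED_HOSTS` names and the `validate_host_header` function are assumptions for illustration. The same check applies to the SNI value before it is used for any server-side lookup or outbound connection.

```python
import ipaddress
import re
from typing import Optional

# Constructed allowlist for the example: the hostnames this application is
# actually served under. Anything else in Host/SNI is rejected before it can
# drive a server-side DNS lookup or an outbound connection.
ALLOWED_HOSTS = frozenset({"app.example.com", "www.example.com"})

# RFC 1123-style hostname: labels of 1-63 chars, total length at most 253.
_HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)"
    r"([a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)*"
    r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?$"
)


def validate_host_header(host_header: Optional[str],
                         allowed=ALLOWED_HOSTS) -> Optional[str]:
    """Return the canonical allowed hostname, or None if the header must be rejected.

    Accepts an optional :port suffix and a trailing dot, lowercases the name,
    and refuses IP literals, bracketed IPv6, and anything not on the allowlist.
    """
    if not host_header:
        return None
    value = host_header.strip().lower()
    # Bracketed IPv6 literals are never on a name allowlist; reject early.
    if value.startswith("["):
        return None
    host, _, port = value.partition(":")
    if port and not port.isdigit():
        return None
    host = host.rstrip(".")
    # Reject IPv4/IPv6 literals outright; the allowlist holds names only.
    try:
        ipaddress.ip_address(host)
        return None
    except ValueError:
        pass
    if not _HOSTNAME_RE.match(host):
        return None
    # Exact match only: "app.example.com.attacker.net" must not pass.
    return host if host in allowed else None
```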


Liam Tai-Hogan Sep 20, 2019 10:02AM UTC Support Center agent

Rajiv, what seems to be the issue? Are you able to follow the remediation advice?

