GIAC GSLC Exam - Topic 8 Question 25 Discussion

Actual exam question for GIAC's GSLC exam

Question #: 25
Topic #: 8

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He performs Web vulnerability scanning on the We-are-secure server. The output of the scanning test is as follows:

C:\whisker.pl -h target_IP_address

-- whisker / v1.4.0 / rain forest puppy / www.wiretrip.net -- = - = - = - = - =

= Host: target_IP_address

= Server: Apache/1.3.12 (Win32) ApacheJServ/1.1

mod_ssl/2.6.4 OpenSSL/0.9.5a mod_perl/1.22

+ 200 OK: HEAD /cgi-bin/printenv

John recognizes /cgi-bin/printenv vulnerability ('Printenv' vulnerability) in the We_are_secure server. Which of the following statements about 'Printenv' vulnerability are true?

Each correct answer represents a complete solution. Choose all that apply.

AThe countermeasure to 'printenv' vulnerability is to remove the CGI script.

B'Printenv' vulnerability maintains a log file of user activities on the Website, which may be useful for the attacker.

CThis vulnerability helps in a cross site scripting attack.

DWith the help of 'printenv' vulnerability, an attacker can input specially crafted links and/or other malicious scripts.

Show Suggested Answer

Suggested Answer: A, C, D

by Matthew at May 03, 2022, 07:14 PM

Limited Time Offer

25%

Off

Get Premium GSLC Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Daren

7 months ago

B seems misleading, it's not really about logging activities.

upvoted 0 times

...

Jettie

7 months ago

D is spot on, attackers can exploit it for sure.

upvoted 0 times

...

Yuki

7 months ago

Wait, does 'printenv' really log user activities? Sounds off.

upvoted 0 times

...

Kyoko

8 months ago

Totally agree, that script is a big risk!

upvoted 0 times

...

Dalene

8 months ago

A is definitely true, removing the CGI script is key.

upvoted 0 times

...

Anastacia

8 months ago

I think option D makes sense because if an attacker can access the 'printenv' output, they could potentially craft malicious inputs. So, that one seems correct too.

upvoted 0 times

...

Shayne

8 months ago

I feel like option C is misleading. 'Printenv' itself doesn't directly lead to cross-site scripting; it just reveals sensitive information.

upvoted 0 times

...

Virgina

8 months ago

I'm not entirely sure about option B. I thought 'printenv' just exposes environment variables, but does it really log user activities?

upvoted 0 times

...

Claudio

8 months ago

I remember studying the 'printenv' vulnerability and that removing the CGI script is a common countermeasure. So, I think option A is definitely true.

upvoted 0 times

...

Cherelle

8 months ago

I'm pretty sure the annular ligament is located in the wrist, so I'll go with C.

upvoted 0 times

...

Marcelle

8 months ago

The HTML Composer might be the way to go if we need more granular control over the email content and layout. But I'd want to double-check that it supports the necessary testing functionality.

upvoted 0 times

...

Quentin

8 months ago

This seems like a straightforward question about video encoding. I think the key is to find a way to get four 30 fps H.264 streams from the same camera product.

upvoted 0 times

...