Nessus reports potential vulnerability for lmadmin web server
Summary
Is a web page that changes when a URL parameter is added a potential vulnerability, as reported by a Nessus scan?

Question
One of our customers scanned their software products with a Nessus plugin, and it reported a potential vulnerability for the FNP 11.14.1.3 lmadmin web server that they deliver with their products. Basically, this plugin looks for any change to a web page when new parameters such as admin, debug, or test are added to the URL with a value of true. When admin=true is submitted to the lmadmin web server, the resulting web page is slightly different, which the Nessus plugin assumes is a vulnerability. Is that the case?

Answer
There is no vulnerability here. lmadmin interprets the "admin" URL parameter as the name of the license administration tab ("System Information", "User Configuration", "Alert Configuration", "Server Configuration" or "Vendor Daemon Configuration") that the HTTP client (or browser) wants displayed. It is not used to indicate whether the session is in administrator mode.

When the HTTP client supplies a value for the "admin" parameter, lmadmin uses that value to build the request URL behind the "Administration" link. If the client supplies an invalid value such as "true", the "Administration" link in the page lmadmin returns points to something like "http://serverName:port/true?vendor=vendorName&licenseTab=&selected=". Because "/true" does not map to any valid administration tab, clicking that link makes lmadmin return an error page saying "The page you requested on Lmadmin cannot be found." No unintended or additional functionality is exposed. This changed link is what makes the page returned for admin=true differ from the baseline, and that difference is what the Nessus plugin flags. lmadmin's configuration, which is persisted in the "conf/server.xml" file, is also unaffected by the malformed request (the one that carried "true" as the value of the "admin" parameter).
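The following triage script is an added example and is not Revenera's code, lmadmin's code, or the Nessus plugin. It reproduces the scanner's reasoning (diff the baseline page against the page fetched with admin=true) and then checks whether the only change is the "Administration" link reflecting the supplied value as a path, as the answer above describes. The two HTML responses and the not-found page are constructed inline to match that description; the baseline tab path "/systemInformation" and the vendor name "demo" are assumed names, not values taken from lmadmin.

```python
"""Triage a Nessus-style "page changed when a parameter was added" finding.

Added example, not Revenera's/lmadmin's code and not the Nessus plugin.
The HTML below is constructed to mirror the behaviour described in the
article; "/systemInformation" and "vendor=demo" are assumed placeholders.
"""
import difflib
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlsplit

# Constructed sample: lmadmin's page fetched without an "admin" parameter.
BASELINE_HTML = """<html><body>
<a href="/dashboard?vendor=demo&amp;licenseTab=&amp;selected=">Dashboard</a>
<a href="/systemInformation?vendor=demo&amp;licenseTab=&amp;selected=">Administration</a>
</body></html>
"""

# Constructed sample: the same page fetched with ?admin=true appended.
# Per the article, only the "Administration" href changes: its path
# becomes "/true" while the query string stays the same.
ADMIN_TRUE_HTML = BASELINE_HTML.replace("/systemInformation?", "/true?")

# Constructed sample: what lmadmin returns when the "/true" link is followed.
NOT_FOUND_TEXT = "The page you requested on Lmadmin cannot be found."
NOT_FOUND_HTML = f"<html><body><p>{NOT_FOUND_TEXT}</p></body></html>"


class _LinkCollector(HTMLParser):
    """Collects {link text: href} for every <a href=...> in a document."""

    def __init__(self):
        super().__init__()
        self.links = {}
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links["".join(self._text).strip()] = self._href
            self._href = None


def links(html_text):
    parser = _LinkCollector()
    parser.feed(html_text)
    return parser.links


def changed_lines(baseline, probe):
    """The added/removed lines between two responses (what the scanner keys on)."""
    diff = difflib.unified_diff(baseline.splitlines(), probe.splitlines(), n=0, lineterm="")
    return [line for line in diff
            if line[:1] in "+-" and not line.startswith(("+++", "---"))]


def triage(baseline, probe, param_value):
    """Classify the change: reflected tab name in one link, or something else."""
    diff = changed_lines(baseline, probe)
    if not diff:
        return {"changed_lines": 0, "probe_path": None, "verdict": "no change"}

    base_links, probe_links = links(baseline), links(probe)
    base_href = urlsplit(base_links.get("Administration", ""))
    probe_href = urlsplit(probe_links.get("Administration", ""))

    # Every other link must be identical: the scanner's diff is explained
    # only if the "Administration" link is the sole thing that moved.
    others_same = ({k: v for k, v in base_links.items() if k != "Administration"}
                   == {k: v for k, v in probe_links.items() if k != "Administration"})
    reflected_as_path = probe_href.path == "/" + param_value
    same_query = (parse_qs(base_href.query, keep_blank_values=True)
                  == parse_qs(probe_href.query, keep_blank_values=True))

    if others_same and reflected_as_path and same_query:
        verdict = "reflected tab name in Administration link; no new functionality exposed"
    else:
        verdict = "unexplained change; review manually"
    return {"changed_lines": len(diff), "probe_path": probe_href.path, "verdict": verdict}


def is_lmadmin_not_found(html_text):
    """True if following the reflected link produced lmadmin's error page."""
    return NOT_FOUND_TEXT in html_text


if __name__ == "__main__":
    print(triage(BASELINE_HTML, ADMIN_TRUE_HTML, "true"))
    print("following /true gives not-found page:", is_lmadmin_not_found(NOT_FOUND_HTML))
```

The point of the script is the gap between the two measurements: the line-level diff is non-empty (which is all the scanner checks), yet the structured comparison shows the only difference is the supplied value reappearing as the path of one navigation link with an unchanged query string. Against a live server the same functions would be run on two real responses and on the page returned by following the reflected link; any probe that adds a link, changes another link, or alters the query string falls through to "review manually".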