Solution required for 42054 - CGI Generic SSI Injection vulnerability


IamRasheed

2:50 pm on Jun 30, 2015 (gmt 0)


Hi,
I need some help from you guys; I hope your help will resolve our issue.

We are running an Apache web server which was scanned for vulnerabilities. We got the result below from the scan:

*****************************************************************
42054 - CGI Generic SSI Injection
Synopsis
Arbitrary code may be run on the remote server.
Description
The remote web server hosts CGI scripts that fail to adequately sanitize request strings. They seem to be vulnerable
to an 'SSI injection' attack. By leveraging this issue, an attacker may be able to execute arbitrary commands on the
remote host.
See Also
[en.wikipedia.org...]
[owasp.org...]
[projects.webappsec.org...]
Solution
Disable Server Side Includes if you do not use them. Otherwise, restrict access to any vulnerable scripts and contact
the vendor for a patch or upgrade.
*****************************************************************


We made the changes below in the httpd.conf file:

1) Options -ExecCGI -FollowSymLinks -Indexes

2) <Directory />
Options -Includes
</Directory>

3) "--disable-cgi" \
"--disable-proxy-scgi" \

But still the vulnerability exists.
Later we removed those changes.

I am sharing the httpd.conf file; please have a look and tell me where it goes wrong.
Kindly tell me where I have to make the modification to resolve this vulnerability.




ServerTokens OS
ServerRoot "/usr/local/apache"

ScoreBoardFile /usr/local/apache/logs/httpd.scoreboard

PidFile /usr/local/apache/logs/httpd.pid

# one request per connection). Set to "Off" to deactivate.
#
KeepAlive Off

MaxKeepAliveRequests 100

KeepAliveTimeout 15

<IfModule prefork.c>
StartServers 8
MinSpareServers 5
MaxSpareServers 20
ServerLimit 500
MaxClients 500
MaxRequestsPerChild 1000
</IfModule>

<IfModule worker.c>
StartServers 2
MaxClients 250
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 0

</IfModule>

Listen example.com:2543
Listen example.com:80

LoadModule rewrite_module modules/mod_rewrite.so

LoadModule unique_id_module modules/mod_unique_id.so
LoadModule security2_module modules/mod_security2.so

User apache
Group apache

ServerAdmin root@example.com

ServerName example

#UseCanonicalName Off
UseCanonicalName On

DocumentRoot "/prod/Folder1/Folder2/"

<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>

<Directory "/prod/Folder1/Folder2">
Options Indexes FollowSymLinks MultiViews
Order allow,deny
Allow from all
</Directory>

<IfModule mod_userdir.c>

UserDir disable

</IfModule>

DirectoryIndex index.html

AccessFileName .htaccess

<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>

DefaultType text/plain

<IfModule mod_mime_magic.c>
# MIMEMagicFile /usr/share/magic.mime
MIMEMagicFile conf/magic
</IfModule>

HostnameLookups Off

ErrorLog logs/error_log

LogLevel debug

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
#LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%h %A %t %H %m %U %X %>s %b %D %T %{X-Forwarded-For}i" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

CustomLog logs/access_log combined

ServerSignature On

Alias /icons/ "/var/www/icons/"

<Directory "/var/www/icons">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>

Alias /manual "/etc/httpd/manual"

<Directory "/etc/httpd/manual">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>

<IfModule mod_dav_fs.c>
# Location of the WebDAV lock database.
DAVLockDB /var/lib/dav/lockdb
</IfModule>

Options -ExecCGI -FollowSymLinks -Indexes

IndexOptions FancyIndexing VersionSort NameWidth=*

AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip

AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*

AddIcon /icons/binary.gif .bin .exe
AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif core

AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^

DefaultIcon /icons/unknown.gif

ReadmeName README.html
HeaderName HEADER.html

IndexIgnore .?* *~ *# HEADER* README* RCS CVS *,v *,t *

AddEncoding x-compress Z
AddEncoding x-gzip gz tgz


AddDefaultCharset UTF-8


AddType application/x-tar .tgz

AddHandler imap-file map

AddHandler type-map var

Alias /error/ "/var/www/error/"

BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0

BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
BrowserMatch "^WebDrive" redirect-carefully
BrowserMatch "^WebDAVFS/1.[012]" redirect-carefully
BrowserMatch "^gnome-vfs" redirect-carefully

<IfModule !mod_jk.c>
LoadModule jk_module modules/mod_jk.so

JkWorkersFile "/usr/local/apache/conf/workers.properties"
JkLogFile "/usr/local/apache/logs/mod_jk.log"

JkLogLevel error
# JkAutoalias "/var/www/html/images"

</IfModule>

<VirtualHost example.com:2543>
SSLEngine off
Options -ExecCGI -FollowSymLinks -Indexes
ServerName example
ServerAdmin webmaster@dummy-host.example.com
DirectoryIndex index.html
DocumentRoot /prod/Folder1/Folder2/
ErrorLog logs/error_log
CustomLog logs/access_log common
CustomLog logs/logcollector/access_prod.log common
JkMount /app1 loadbalancer
JkMount /app1/* loadbalancer
JkMount /app2 loadbalancer
JkMount /app2/* loadbalancer
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
TraceEnable Off

</VirtualHost>

<VirtualHost example.com:80>
SSLEngine off
Options -ExecCGI -FollowSymLinks -Indexes
ServerName example
ServerAdmin webmaster@dummy-host.example.com
DirectoryIndex index.html
DocumentRoot /prod/Folder1/Folder2/
ErrorLog logs/error_log
CustomLog logs/access_log common
CustomLog logs/logcollector/access_prod.log common
JkMount /app1 loadbalancer
JkMount /app1/* loadbalancer
JkMount /app2 loadbalancer
JkMount /app2/* loadbalancer
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
TraceEnable Off

</VirtualHost>
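A check a defender can run against a configuration like the one posted, added here as an example and not code from the thread: it walks an httpd.conf, tracks the enclosing `<Directory>`/`<VirtualHost>`/`<IfModule>` block, and lists every directive that switches Apache's own SSI processing on (mod_include loaded, `Options Includes`/`IncludesNOEXEC`/`All`, the `INCLUDES` output filter, the `server-parsed` handler, `XBitHack`). The embedded config is constructed to mirror the Options layout of the posted file, and the function and constant names are mine.

```python
import re

# Constructed sample, modelled on the posted httpd.conf's Options layout (not the
# poster's file): "-Includes" on "/" vs. an absolute Options list on the docroot.
SAMPLE_CONF = """\
LoadModule include_module modules/mod_include.so
<Directory />
Options -Includes
</Directory>
<Directory "/prod/Folder1/Folder2">
Options Indexes FollowSymLinks MultiViews
AddOutputFilter INCLUDES .shtml
</Directory>
<VirtualHost example.com:80>
XBitHack on
</VirtualHost>
"""

# Directive (lower-cased) -> pattern on its arguments that means SSI is on.
ENABLERS = {
    "loadmodule": re.compile(r"^include_module\b", re.I),
    "addoutputfilter": re.compile(r"\bINCLUDES\b", re.I),
    "addhandler": re.compile(r"\bserver-parsed\b", re.I),
    "xbithack": re.compile(r"^(on|full)\b", re.I),
}
# Options values that enable SSI; "-Includes" does not match.
OPTION_ENABLER = re.compile(r"\+?(Includes(NOEXEC)?|All)", re.I)

def ssi_findings(conf_text):
    """Return (enclosing section, directive line) for every SSI enabler."""
    findings = []
    stack = ["(global)"]            # innermost <Directory>/<VirtualHost>/... block
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("</"):   # closing tag: leave the block
            stack.pop()
            continue
        if line.startswith("<"):    # opening tag: enter the block
            stack.append(line)
            continue
        parts = line.split(None, 1)
        directive, args = parts[0].lower(), (parts[1] if len(parts) > 1 else "")
        if directive == "options":
            if any(OPTION_ENABLER.fullmatch(o) for o in args.split()):
                findings.append((stack[-1], line))
        elif directive in ENABLERS and ENABLERS[directive].search(args):
            findings.append((stack[-1], line))
    return findings
```

The script lists directives rather than computing Apache's merge order: in the posted file the absolute `Options Indexes FollowSymLinks MultiViews` on the document root replaces the `Options -Includes` set on `/`, so the Includes state has to be checked in the most specific block. These server-side settings also do not change what the applications behind the `JkMount` paths echo back, which is what the scanner's description ("CGI scripts that fail to adequately sanitize request strings") points at.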

IamRasheed

3:32 am on Jul 2, 2015 (gmt 0)


Hello All,

Could you please help me on this?