Fortinet 5.0 Patch 6 Microscope & Magnifier User Manual


 
Fortinet 31 FortiWeb 5.0 Patch 6 Administration Guide
Table 2: Web-related threats (continued)

Columns: Attack Technique | Description | Protection | FortiWeb Solution

Attack Technique: Remote file inclusion (RFI)
Description: RFI is a type of injection attack. However, unlike SQL injection attacks, a database is not always involved. In an RFI, a client includes a URL to a file on a remote host, such as source code or scripts, when submitting input. This causes vulnerable web servers to either execute it or include it in their own web pages. If code is executed, this could be used for many purposes, including direct attacks of other servers, installation of malware, and data theft. If code is included into the local file system, this could be used to cause other, unsuspecting clients who use those web pages to commit distributed XSS attacks. Famously, this was used in organized attacks by LulzSec. Attacks often involve PHP web applications, but can be written for others.
Protection: Prevent inclusion of references to files on other web servers.

Generic Attacks

Attack Technique: Server information leakage
Description: A web server reveals details (such as its OS, server software and installed modules) in responses or error messages. An attacker can leverage this fingerprint to craft exploits for a specific system or configuration.
Protection: Configure server software to minimize information leakage.
FortiWeb Solution: Information Disclosure
• To hide application structure and servlet names, Rewriting & redirecting