Bank of Brasil PII Scanner / Cross-Domain JavaScript Source File Inclusion / Source Code Divulgation

CVE: CVE-2020-12204
Category: CWE-98
Price: $10,000
Severity: High
Author: Unknown
Risk: High
Exploitation Type: Remote
Date: 2018-05-29
CVSS: CVSS:4.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
EPSS: 0.02192
EPSSP: 0.50148

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2018050273

Below is a copy:

Bank of Brasil PII Scanner / Cross-Domain JavaScript Source File Inclusion / Source Code Divulgation
-------------------------
Time Line Vulnerability
-------------------------

10-05-2018 First Security Advisory - No Response

18-05-2018 Second Security Advisory - No Response

25-05-2018 Third Security Advisory - Response OK.

"Theoretical Fixing by Bank of Brasil Security Team"

(3 days, they said to me)

28-05-2018 Verifying - Not Fixed. Mail to Bank of Brasil

-- Mail Delivery System (?)

Full Disclosure

Explanation
------------

I had to upload to the website and started looking for emails and they do not exist. I used the Google translator to do email searches in Portuguese and I found audacity departments divided into different sites.

THERE IS NOTHING ON THE WEB PAGE TODAY RELATED TO CYBERSECURITY AND SENDING A NOTICE.

Therefore, the most similar service is the "SAC" (SAC 0800 729 0722) that is for claims and things of that style. But it does not have any mail, it's a phone number.

I called, and being a bank they knew English. I told them the story and he told me directly that they could not do anything and they knew which company took the security.

Therefore, in the face of the impossibility of contacting those responsible for cybersecurity and a proven existence of the same faults, I have decided to make a dissemination of information which, in my view, is responsible, since I have done everything possible to improve the bank's security.


Responsibility

The Author @secnight as well as Vertigosistems are 
exempt from any type of criminal liability and that which may arise from the disclosure of this information.

In these moments the security of the bank is inefficient both at the application level and in layer 2... and rising... and for a bank, THIS IS INADMISSIBLE.

---------------------
FULL DISCLOSURE
---------------------
       \ | /
        \|/
|------||------|
|  WARNING  | 
|--------------|

The bank currently has more than 30 security failures, so I leave these security flaws in the report, but putting them all makes no sense. They need a Penetration Test, Continuous Cycle, Code Review, and for the huge failures the severity causes the faults to be fixed as quickly as possible.



===========================================================

Bank of Brazil Multiple Security Flaws

===========================================================

I. VULNERABILITY
-------------------------
#Title: Bank of Brazil Multiple Security Flaws
#Vendor: Bank Of Brasil
#Author: Juan Carlos García (@secnight)

Special Thanks Vertigosistems
https://www.vertigosistems.com/

#Follow me Twitter: @secnight
http://habemuscurso.blogspot.com
http://hackingmadrid.blogspot.com
 



II. DESCRIPTION
-------------------------

Banco do Brasil S.A. (English: Bank of Brazil) is the second largest bank by assets in Brazil and all of Latin America. The bank, headquartered in Brasília, was founded in 1808 and is the oldest active bank in Brazil, even older than the country's central bank. It is also one of the oldest banks in continuous operation in the world.

Banco do Brasil is controlled by the Brazilian government but its stock is traded on the São Paulo Stock Exchange and its management follows standard international banking practices (Basel Accords). Since 2000 it has been one of the four most-profitable Brazilian banks (the others being Itaú Unibanco, Bradesco, and Santander Brasil) and holds a strong leadership position in retail banking.


---------------
Security Flaws |
---------------

1 PII Scanner

Description

The response contains Personally Identifiable Information, such as CC number, SSN and similar sensitive data.

URL: http://www.bb.com.br/docs/pub/atend/toquio/dwn/NetprMaintPT.pdf
Method: GET
Evidence: 500278556500

URL: http://www.bb.com.br/docs/pub/atend/toquio/dwn/NetprMaintPT.pdf
Method: GET
Evidence: 3556556556556333

Instances: 2

Solution

Other information

Credit Card Type detected: Maestro

Reference

CWE Id: 359
WASC Id: 13
Source ID: 3
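As an added example (not part of the original advisory or the scanner), the Luhn check a PII scanner applies to digit runs, run over the two evidence values above: both pass, which is why they were reported, and the all-zero filler shows why Luhn alone is a weak signal when triaging a public PDF. The brand table is a constructed, simplified subset.

```python
"""Luhn triage for the PII-scanner evidence in finding 1 (added example)."""
import re
from typing import Dict, List

# The two evidence values quoted in finding 1 of this report.
EVIDENCE = ["500278556500", "3556556556556333"]


def luhn_valid(digits: str) -> bool:
    """True if the digit string passes the Luhn mod-10 check."""
    if not digits.isdigit() or len(digits) < 2:
        return False
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # every second digit from the right is doubled
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def card_brand_hint(digits: str) -> str:
    """Coarse prefix/length hint like a scanner's 'Credit Card Type detected'.

    Constructed, simplified subset of public IIN ranges; enough to show the
    decision, not a complete table.
    """
    n, p2 = len(digits), int(digits[:2])
    if digits.startswith("4") and n in (13, 16, 19):
        return "Visa"
    if p2 in (34, 37) and n == 15:
        return "American Express"
    if 51 <= p2 <= 55 and n == 16:
        return "Mastercard"
    if p2 in (50, 56, 57, 58, 63, 67) and 12 <= n <= 19:
        return "Maestro"
    return "unknown"


def scan_for_card_like_numbers(text: str) -> List[Dict]:
    """Find 12-19 digit runs and classify each the way a PII scanner does.

    Luhn validity plus a brand hint is what produced finding 1; a reviewer
    then has to decide whether a Luhn-valid run inside a public PDF is a real
    card number or a reference/phone/layout number that happens to pass
    (all-zero runs and many sequential IDs do).
    """
    hits = []
    for m in re.finditer(r"(?<!\d)\d{12,19}(?!\d)", text):
        run = m.group(0)
        hits.append({"value": run,
                     "luhn_valid": luhn_valid(run),
                     "brand_hint": card_brand_hint(run)})
    return hits


# Constructed stand-in for the PDF's extracted text: the two real evidence
# strings plus two filler numbers, one Luhn-invalid and one all zeros.
SAMPLE_TEXT = ("Fax 500278556500 / Ref 3556556556556333 / "
               "Doc 123456789012 / Tel 000000000000")

if __name__ == "__main__":
    for hit in scan_for_card_like_numbers(SAMPLE_TEXT):
        print(hit)
```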




2 Insecure HTTP to HTTPS transition in a form POST

Description
-------------

This check looks for insecure HTTP pages that host HTTPS forms. The problem is that an insecure HTTP page can easily be hijacked through MITM and the secure HTTPS form can be replaced or simulated.

Attack: [empty string] (identical for every instance). Exact duplicate URL/method pairs in the scanner output are listed once.

URL: http://www.bb.com.br/portalbb/page100,8305,4911,0,0,1,6.bb?codigoMenu=15244&codigoNoticia=28839
Method: GET
URL: http://www.bb.com.br/portalbb/page4,8305,3912,0,0,1,6.bb?codigoMenu=15217&codigoNoticia=28458
Method: GET
URL: http://www.bb.com.br/portalbb/home1,8305,8305,0,0,1,6.bb
Method: POST
URL: http://www.bb.com.br/portalbb/home1,8305,8305,0,0,1,6.bb
Method: GET
URL: http://www.bb.com.br/portalbb/page100,8305,19205,0,0,1,6.bb?codigoMenu=15368&codigoNoticia=28840
Method: GET
URL: http://www.bb.com.br/portalbb/page251,8305,8388,0,0,1,6.bb?codigoNoticia=31200
Method: GET
URL: http://www.bb.com.br/portalbb/page251,8305,8388,0,0,1,6.bb?codigoNoticia=31200
Method: POST
URL: http://www.bb.com.br/portalbb/home29,8305,8305,0,0,1,6.bb
Method: GET
URL: http://www.bb.com.br/portalbb/page4,8305,8388,0,0,1,6.bb?codigoMenu=15245&codigoNoticia=28842
Method: GET

Instances: 27

Solution

Use HTTPS for landing pages that host secure forms.

Other information

The response to the following HTTP request included a form tag whose action attribute points to HTTPS:

http://www.bb.com.br/portalbb/page100,8305,4911,0,0,1,6.bb?codigoMenu=15244&codigoNoticia=28839

The context was:

<form name="formNaoCorrentista" action="https://www2.bancobrasil.com.br/aapf/login.jsp" method="post">
<div class="grade">
<input type="Hidden" name="aapf.NC" value="sim">
<input type="Hidden" name="ativaCadastroNC" value="sim">
</div>
<div class="grade"><label for="cpf">CPF</label><input type="text" value=" CPF" name="cpf"
id="cpf" class="busca" onfocus="setElmAtv(this);letreiro(this,' CPF');"
onblur="letreiro(this,' CPF');" maxlength="14" size="15"
onkeypress="return mask(true, event, this, '###.###.###-##');"
tabindex="28"></div>
<div class="grade botaoOK" style="margin-left:5px;margin-top:1px;"><a href="#" title="Entrar"
onclick="return validaCNC();"
onkeypress="return validaCNC();"
tabindex="29"><span>&nbsp;OK &nbsp;&nbsp;</span></a></div>
</form>

Reference: [empty string]

CWE Id: 16
WASC Id: 15
Source ID: 3




3 Source Code Disclosure - Perl

Description

The source code of the application was disclosed by the web server - Perl

URL: http://www.bb.com.br/docs/pub/siteEsp/uds/dwn/Proequidade.pdf
Method: GET
Evidence: $#waRFp

Instances: 1

Solution

Make sure that the application's source code is not available under alternative extensions, and that source code is not present within other files or data deployed to the web server, or served by the web server.

Other information

$#waRFp

Reference

http://blogs.wsj.com/cio/2013/10/08/adobe-source-code-leak-is-bad-news-for-u-s-government/

CWE Id: 540
WASC Id: 13






4 X-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attacks

Description

The X-Frame-Options header is not included in the HTTP response, so the page can be framed by other sites (clickjacking).

Parameter: X-Frame-Options (identical for every instance)

URL: http://www.bb.com.br/portalbb/hs001003,500490,500491,1,0,1,1,80.bb
Method: GET
URL: http://www.bb.com.br/portalbb/jsp/eng/index.jsp
Method: GET
URL: http://www.bb.com.br/portalbb/page44,8305,8330,0,0,1,6.bb?bread=4&codigoMenu=3800&codigoNoticia=4561&codigoRet=3809
Method: GET
URL: http://www.bb.com.br/portalbb/page100,8305,4911,0,0,1,6.bb?codigoMenu=15244&codigoNoticia=28839
Method: GET
URL: http://www.bb.com.br/portalbb/page3,7932,7950,0,0,1,0.bb?bread=1_2&codigoMenu=3490&codigoRet=3510
Method: GET
URL: http://www.bb.com.br/portalbb/page3,7932,3678,22,0,1,8.bb
Method: GET
URL: http://www.bb.com.br/portalbb/page3,7932,3678,22,0,1,8.bb
Method: POST
URL: http://www.bb.com.br/portalbb/home1,8305,8305,0,0,1,6.bb
Method: GET
URL: http://www.bb.com.br/portalbb/home23,10548,10548,0,0,1,5.bb
Method: GET
URL: http://www.bb.com.br/
Method: GET
URL: http://www.bb.com.br/docs/sitesp/sustentabilidade/hotsite_Internet.html
Method: GET
URL: http://www.bb.com.br/portalbb/page3,7932,7952,0,0,1,0.bb?bread=1_4&codigoMenu=3490&codigoRet=3512
Method: GET
URL: http://www.bb.com.br/portalbb/home1,8305,8305,0,0,1,6.bb?dv=1
Method: GET
URL: http://www.bb.com.br/portalbb/home29,8305,8305,0,0,1,6.bb
Method: GET
URL: http://www.bb.com.br
Method: GET
URL: http://www.bb.com.br/portalbb/page3,7932,7949,0,0,1,0.bb?bread=1_1&codigoMenu=3490&codigoRet=3508
Method: GET
URL: http://www.bb.com.br/portalbb/home29,8305,8305,0,0,1,6.bb?dv=1
Method: GET
URL: http://www.bb.com.br/portalbb/home1,8305,8305,0,0,1,6.bb
Method: POST
URL: http://www.bb.com.br/portalbb/home16,500355,500355,21,0,1,1.bb?dv=1
Method: GET
URL: http://www.bb.com.br/portalbb/page251,8305,8388,0,0,1,6.bb?codigoNoticia=31200
Method: POST

Instances: 32

Solution

Most modern Web browsers support the X-Frame-Options HTTP header. Ensure it's set on all web pages returned by your site. If you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN; otherwise, if you never expect the page to be framed, you should use DENY. ALLOW-FROM allows specific websites to frame the web page in supported web browsers.

Reference

http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx

CWE Id: 16
WASC Id: 15
Source ID: 3



5 HTTP Parameter Override

Description

Unspecified form action: HTTP parameter override attack potentially possible. This is a known problem with Java Servlets but other platforms may also be vulnerable.

URL: http://www.bb.com.br/portalbb/home1,8305,8305,0,0,1,6.bb
Method: POST
Evidence: <form name="formContaEmp" action="" method="post">
URL: http://www.bb.com.br/portalbb/page251,8305,8388,0,0,1,6.bb?codigoNoticia=31200
Method: POST
Evidence: <form name="formContaEmp" action="" method="post">
URL: http://www.bb.com.br/portalbb/page4,8305,8388,0,0,1,6.bb?codigoMenu=15245&codigoNoticia=28842
Method: GET
Evidence: <form name="formContaEmp" action="" method="post">
URL: http://www.bb.com.br/portalbb/page3,7932,7948,22,0,1,8.bb?bread=1&codigoMenu=3490&codigoNoticia=4246&codigoRet=3494
Method: GET
Evidence: <form name="formPerfil" autocomplete="off" action="" method="post">
URL: http://www.bb.com.br/portalbb/home29,8305,8305,0,0,1,6.bb
Method: GET
Evidence: <form name="formContaEmp" action="" method="post">
URL: http://www.bb.com.br/portalbb/page3,7932,3678,22,0,1,8.bb
Method: GET
Evidence: <form name="formPerfil" autocomplete="off" action="" method="post">
URL: http://www.bb.com.br/portalbb/home1,8305,8305,0,0,1,6.bb
Method: GET
Evidence: <form name="formContaEmp" action="" method="post">
URL: http://www.bb.com.br/portalbb/page4,8305,3912,0,0,1,6.bb?codigoMenu=15217&codigoNoticia=28458
Method: GET
Evidence: <form name="formContaEmp" action="" method="post">
URL: http://www.bb.com.br/portalbb/page100,8305,19205,0,0,1,6.bb?codigoMenu=15368&codigoNoticia=28840
Method: GET
Evidence: <form name="formContaEmp" action="" method="post">
URL: http://www.bb.com.br/portalbb/page3,7932,3678,22,0,1,8.bb
Method: POST
Evidence: <form name="formPerfil" autocomplete="off" action="" method="post">
URL: http://www.bb.com.br/portalbb/page251,8305,8388,0,0,1,6.bb?codigoNoticia=31200
Method: GET
Evidence: <form name="formContaEmp" action="" method="post">
URL: http://www.bb.com.br/portalbb/page100,8305,4911,0,0,1,6.bb?codigoMenu=15244&codigoNoticia=28839
Method: GET
Evidence: <form name="formContaEmp" action="" method="post">

Instances: 12

Solution

All forms must specify the action URL.

Reference

http://download.oracle.com/javaee-archive/servlet-spec.java.net/jsr340-experts/att-0317/OnParameterPollutionAttacks.pdf

CWE Id: 20
WASC Id: 20
Source ID: 3



6 X-Content-Type-Options Header Missing

Description

The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.

Parameter: X-Content-Type-Options (identical for every instance)

URL: http://www.bb.com.br/docs/pub/atend/toquio/dwn/tela7.gif
Method: GET
URL: http://www.bb.com.br/pbb/pagina-inicial/private
Method: GET
URL: http://www.bb.com.br/portalbb/img.ImgWriter?codigo=19634&origem=CCI
Method: GET
URL: http://www.bb.com.br/docs/css/ac/menuHorizontal.css
Method: GET
URL: http://www.bb.com.br/docs/pub/inst/img/tela5red.gif
Method: GET
URL: http://www.bb.com.br/portalbb/page100,8305,19205,0,0,1,6.bb?codigoMenu=15368&codigoNoticia=28840
Method: GET
URL: http://www.bb.com.br/pbb/app/docs/comum/images/structure/header/icon/apple-icon-180x180.png
Method: GET
URL: http://www.bb.com.br/pbb/pagina-inicial/estilo
Method: GET
URL: http://www.bb.com.br/portalbb/page251,8305,8388,0,0,1,6.bb?codigoNoticia=31200
Method: POST
URL: http://www.bb.com.br/docs/pub/atend/toquio/dwn/tela10.gif
Method: GET
URL: http://www.bb.com.br/docs/img/v5/imgCantoMenuEsq.png
Method: GET
URL: http://www.bb.com.br/docs/css/grupoCAbas.css?v=1.1
Method: GET
URL: http://www.bb.com.br/docs/img/v5/btLogo1.gif
Method: GET
URL: http://www.bb.com.br/portalbb/page3,7932,7949,0,0,1,0.bb?bread=1_1&codigoMenu=3490&codigoRet=3508
Method: GET
URL: http://www.bb.com.br/docs/pub/atend/toquio/dwn/NetprMaintPT.pdf
Method: GET
URL: http://www.bb.com.br/pbb/s001t006p002,500965,502412,8,1,1,2.bb
Method: GET
URL: http://www.bb.com.br/portalbb/page3,7932,3678,22,0,1,8.bb
Method: GET
URL: http://www.bb.com.br/docs/css/ac/layoutsFonte12.css
Method: GET
URL: http://www.bb.com.br/docs/css/ac/layoutHomeFlex.css?1
Method: GET
URL: http://www.bb.com.br/docs/home/inst/img/dot.gif
Method: GET

Instances: 113

Solution

Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.

If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.

Other information

This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.

At "High" threshold this scanner will not alert on client or server error responses.

Reference

http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx
https://www.owasp.org/index.php/List_of_useful_HTTP_headers

CWE Id: 16
WASC Id: 15
Source ID: 3



7 Web Browser XSS Protection Not Enabled

Description

Web Browser XSS Protection is not enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header on the web server.

Parameter: X-XSS-Protection (identical for every instance)

URL: http://www.bb.com.br/portalbb/page4,8305,3912,0,0,1,6.bb?codigoMenu=15217&codigoNoticia=28458
Method: GET
URL: http://www.bb.com.br/portalbb/home1,7490
Method: GET
URL: http://www.bb.com.br/portalbb/page3,7932,7952,0,0,1,0.bb?bread=1_4&codigoMenu=3490&codigoRet=3512
Method: GET
URL: http://www.bb.com.br/portalbb/home1,8305,8305,0,0,1,6.bb?dv=1
Method: GET
URL: http://www.bb.com.br/portalbb/page100,8305,19205,0,0,1,6.bb?codigoMenu=15368&codigoNoticia=28840
Method: GET
URL: http://www.bb.com.br/portalbb/home29,8305,8305,0,0,1,6.bb
Method: GET
URL: http://www.bb.com.br/pbb/pagina-inicial/estilo
Method: GET
URL: http://www.bb.com.br/portalbb/page100,8305,4911,0,0,1,6.bb?codigoMenu=15244&codigoNoticia=28839
Method: GET
URL: http://www.bb.com.br/portalbb/jsp/eng/index.jsp
Method: GET
URL: http://www.bb.com.br/portalbb/page3,7932,7949,0,0,1,0.bb?bread=1_1&codigoMenu=3490&codigoRet=3508
Method: GET
URL: http://www.bb.com.br/pbb/pagina-inicial/atendimento
Method: GET
URL: http://www.bb.com.br/
Method: GET
URL: http://www.bb.com.br/portalbb/page3,7932,7951,0,0,1,0.bb?bread=1_3&codigoMenu=3490&codigoRet=3511
Method: GET
URL: http://www.bb.com.br/portalbb/home1,8305,8305,0,0,1,6.bb
Method: GET
URL: http://www.bb.com.br/pbb/s001t006p002,500965,502412,8,1,1,2.bb
Method: GET
URL: http://www.bb.com.br/portalbb/home23,10548,10548,0,0,1,5.bb
Method: GET
URL: http://www.bb.com.br/portalbb/page3,7932,3678,22,0,1,8.bb
Method: POST
URL: http://www.bb.com.br/pbb/
Method: GET
URL: http://www.bb.com.br/portalbb/page251,8305,8388,0,0,1,6.bb?codigoNoticia=31200
Method: POST
URL: http://www.bb.com.br/portalbb/home1,8305,8305,0,0,1,6.bb
Method: POST

Instances: 42

Solution

Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'.

Other information

The X-XSS-Protection HTTP response header allows the web server to enable or disable the web browser's XSS protection mechanism. The following values would attempt to enable it:

X-XSS-Protection: 1; mode=block
X-XSS-Protection: 1; report=http://www.example.com/xss

The following value would disable it:

X-XSS-Protection: 0

The X-XSS-Protection HTTP response header is currently supported on Internet Explorer, Chrome and Safari (WebKit).

Note that this alert is only raised if the response body could potentially contain an XSS payload (with a text-based content type, with a non-zero length).

Reference

https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet
https://blog.veracode.com/2014/03/guidelines-for-setting-security-headers/

CWE Id: 933
WASC Id: 14
Source ID: 3




8 Cross-Domain JavaScript Source File Inclusion

Description

The page includes one or more script files from a third-party domain.

Parameter and Evidence are identical for every instance:

Parameter: http://www57.bb.com.br/eni/APPS/arquivos/id.js
Evidence: <script type="text/javascript" src="http://www57.bb.com.br/eni/APPS/arquivos/id.js"></script>

URL: http://www.bb.com.br/portalbb/page3,7932,7949,0,0,1,0.bb?bread=1_1&codigoMenu=3490&codigoRet=3508
Method: GET
URL: http://www.bb.com.br/portalbb/page4,8305,8388,0,0,1,6.bb?codigoMenu=15245&codigoNoticia=28842
Method: GET
URL: http://www.bb.com.br/portalbb/page3,7932,7948,22,0,1,8.bb?bread=1&codigoMenu=3490&codigoNoticia=4246&codigoRet=3494
Method: GET
URL: http://www.bb.com.br/portalbb/home1,8305,8305,0,0,1,6.bb
Method: POST
URL: http://www.bb.com.br/portalbb/home16,500355,500355,21,0,1,1.bb
Method: GET
URL: http://www.bb.com.br/portalbb/page3,7932,7951,0,0,1,0.bb?bread=1_3&codigoMenu=3490&codigoRet=3511
Method: GET
URL: http://www.bb.com.br/portalbb/page251,8305,8388,0,0,1,6.bb?codigoNoticia=31200
Method: POST
URL: http://www.bb.com.br/portalbb/page3,7932,3678,22,0,1,8.bb
Method: POST
URL: http://www.bb.com.br/portalbb/hs001003,500490,500491,1,0,1,1,80.bb
Method: GET
URL: http://www.bb.com.br/portalbb/page3,7932,7950,0,0,1,0.bb?bread=1_2&codigoMenu=3490&codigoRet=3510
Method: GET
URL: http://www.bb.com.br/portalbb/page3,7932,7953,0,0,1,0.bb?bread=1_5&codigoMenu=3490&codigoRet=3513
Method: GET
URL: http://www.bb.com.br/portalbb/page100,8305,4911,0,0,1,6.bb?codigoMenu=15244&codigoNoticia=28839
Method: GET
URL: http://www.bb.com.br/portalbb/home1,8305,8305,0,0,1,6.bb
Method: GET
URL: http://www.bb.com.br/portalbb/home1,8305,8305,0,0,1,6.bb?dv=1
Method: GET
URL: http://www.bb.com.br/portalbb/page4,8305,3912,0,0,1,6.bb?codigoMenu=15217&codigoNoticia=28458
Method: GET
URL: http://www.bb.com.br/portalbb/page3,7932,7952,0,0,1,0.bb?bread=1_4&codigoMenu=3490&codigoRet=3512
Method: GET
URL: http://www.bb.com.br/portalbb/page100,8305,19205,0,0,1,6.bb?codigoMenu=15368&codigoNoticia=28840
Method: GET
URL: http://www.bb.com.br/portalbb/home29,8305,8305,0,0,1,6.bb
Method: GET
URL: http://www.bb.com.br/portalbb/page3,7932,3678,22,0,1,8.bb
Method: GET
URL: http://www.bb.com.br/portalbb/home16,500355,500355,21,0,1,1.bb?dv=1
Method: GET

Instances: 21

Solution

Ensure JavaScript source files are loaded from only trusted sources, and the sources can't be controlled by end users of the application.

Reference

CWE Id: 829
WASC Id: 15
Source ID: 3
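An added example, not the author's or the scanner's code, covering findings 2, 5 and 8 together: a standard-library HTML parser that flags HTTPS form actions on an HTTP page, forms with an empty or missing action, and script tags pulled from a host other than the page's. The sample page body is constructed from the evidence quoted in those findings, and the page URL is one of the listed instances.

```python
"""Static page checks behind findings 2, 5 and 8 of this report (added example)."""
from html.parser import HTMLParser
from typing import List, Optional, Tuple
from urllib.parse import urlparse


class _Collector(HTMLParser):
    """Collect <form action method> pairs and <script src> values in order."""

    def __init__(self) -> None:
        super().__init__()
        self.forms: List[Tuple[Optional[str], str]] = []
        self.scripts: List[str] = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self.forms.append((a.get("action"), (a.get("method") or "get").lower()))
        elif tag == "script" and a.get("src"):
            self.scripts.append(a["src"])


def audit_page(page_url: str, html: str) -> List[str]:
    """Return one finding string per problem, forms first, then scripts.

    Finding 2: a form on an http:// page posting to https:// gives no real
               protection, because the landing page itself can be altered
               in transit and the form replaced or simulated.
    Finding 5: an empty/missing action posts back to the current URL, query
               string included, which is what enables parameter override on
               servlet stacks.
    Finding 8: a script from another host runs with this page's origin.
    """
    page = urlparse(page_url)
    c = _Collector()
    c.feed(html)
    findings: List[str] = []
    for action, method in c.forms:
        if action is None or action.strip() == "":
            findings.append(f"form[{method}] has empty/unspecified action "
                            f"(parameter override risk)")
            continue
        target = urlparse(action)
        if page.scheme == "http" and target.scheme == "https":
            findings.append(f"form[{method}] posts to HTTPS {target.netloc} "
                            f"from an HTTP page (insecure transition)")
    for src in c.scripts:
        s = urlparse(src)
        # Absolute and scheme-relative srcs carry a host; relative ones do
        # not and are same-origin by construction.
        if s.netloc and s.netloc.lower() != page.netloc.lower():
            findings.append(f"script loaded cross-domain from {s.netloc}: {src}")
        elif s.scheme == "http" and page.scheme == "https":
            findings.append(f"script loaded over plain HTTP on an HTTPS page: {src}")
    return findings


# Constructed page body combining the evidence quoted in findings 2, 5 and 8.
SAMPLE_HTML = """
<script type="text/javascript" src="http://www57.bb.com.br/eni/APPS/arquivos/id.js"></script>
<script src="/docs/js/local.js"></script>
<form name="formNaoCorrentista" action="https://www2.bancobrasil.com.br/aapf/login.jsp" method="post">
  <input type="text" name="cpf" id="cpf">
</form>
<form name="formContaEmp" action="" method="post"></form>
<form name="formPerfil" autocomplete="off" action="" method="post"></form>
"""
# One of the instance URLs listed above (served over plain HTTP).
SAMPLE_URL = "http://www.bb.com.br/portalbb/home1,8305,8305,0,0,1,6.bb"

if __name__ == "__main__":
    for line in audit_page(SAMPLE_URL, SAMPLE_HTML):
        print(line)
```

Serving the same body over HTTPS removes only the finding 2 alert; the empty actions and the cross-host script still need fixing on the page itself.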


9 Large redirect detected (potential disclosure of sensitive information)

Description

The server has responded with a redirect that seems to provide a large response. This could indicate that although the server sent a redirect, it also responded with content (which could contain sensitive details, PII, etc.).

URL: http://www.bb.com.br/mpo
Method: GET
URL: http://www.bb.com.br/bbjovem
Method: GET
URL: http://www.bb.com.br/empreendedor
Method: GET
URL: http://www.bb.com.br/seguranca
Method: GET
URL: http://www.bb.com.br/acoes
Method: GET
URL: http://www.bb.com.br/acessoainformacao
Method: GET
URL: http://www.bb.com.br/aguabrasil
Method: GET
URL: http://www.bb.com.br/patrocinios
Method: GET

Instances: 8

----------
Solution
----------
Make sure that no sensitive information is disclosed through redirected responses. Redirect responses should have very little content.

--------------------
Other information
---------------------
Location header URI length: 95 [http://www.bb.com.br/portalbb/page47,108,7514,8,0,1,2.bb?codigoMenu=113&codigoRet=15940&bread=7].

Predicted response size: 395.

Response body length: 719.

Reference: [empty string]

CWE Id: 201
WASC Id: 13
Source ID: 3
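Added example for finding 9, not taken from the scanner or the author: the check is reconstructed from the three numbers in "Other information" above, which imply predicted size = Location URI length + 300 (395 = 95 + 300). That constant is an inference from this page, not from scanner source, and the responses below are constructed.

```python
"""Reproducing the "large redirect" check behind finding 9 (added example)."""
from typing import Dict, Tuple

# Inferred from this page's own numbers: predicted 395 for a 95-byte URI.
REDIRECT_ALLOWANCE = 300


def predicted_redirect_size(location: str) -> int:
    """Expected size of a boilerplate redirect body for this Location."""
    return len(location) + REDIRECT_ALLOWANCE


def is_big_redirect(status: int, headers: Dict[str, str],
                    body: bytes) -> Tuple[bool, int, int]:
    """Return (flagged, predicted, actual) for one HTTP response.

    Only 3xx redirects are examined. A body larger than the prediction
    suggests the server sent the original page content along with the
    redirect, which is finding 9's concern: that content may carry PII.
    """
    if status not in (301, 302, 303, 307, 308):
        return (False, 0, len(body))
    location = next((v for k, v in headers.items() if k.lower() == "location"), "")
    predicted = predicted_redirect_size(location)
    return (len(body) > predicted, predicted, len(body))


# The Location URI quoted in "Other information" above (95 characters).
LOCATION_95 = ("http://www.bb.com.br/portalbb/page47,108,7514,8,0,1,2.bb"
               "?codigoMenu=113&codigoRet=15940&bread=7")

# Constructed responses: a redirect that leaks page content, a clean one,
# and a plain 200 that the check must ignore.
SAMPLES = {
    "leaky": (302, {"Location": LOCATION_95, "Content-Type": "text/html"},
              b"<html>" + b"<p>account summary ...</p>" * 26 + b"</html>"),
    "clean": (302, {"Location": LOCATION_95},
              b"<html><body>Moved</body></html>"),
    "not_a_redirect": (200, {"Content-Type": "text/html"}, b"x" * 2000),
}


def triage(samples=SAMPLES) -> Dict[str, Tuple[bool, int, int]]:
    """Run the check over every sample; name -> (flagged, predicted, actual)."""
    return {name: is_big_redirect(*resp) for name, resp in samples.items()}


if __name__ == "__main__":
    for name, (flagged, predicted, actual) in triage().items():
        print(f"{name:15s} flagged={flagged} predicted={predicted} body={actual}")
```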




10 The content security policy (CSP) header has not been established

Description Content security policy (CSP) is an added
layer of security that helps detect and mitigate
certain types of attacks, including Cross Site Scripting 
(XSS) and data injection attacks.
These attacks are used for everything from 
data theft to site defacement or 
malware distribution. CSP provides a set of
standard HTTP headers that 
allow website owners to declare approved
content sources that browsers
should allow to load on their page - cover types are JavaScript, CSS, 
HTML frames, fonts, images, and embeddable objects such as 
applets of Java, ActiveX, audio and video files.

URLhttp://www.bb.com.br/portalbb/home23,110,110,11,0,1,3.bb
MethodGET
URLhttp://www.bb.com.br/portalbb/home16,500355,500355,21,0,1,1.bb?dv=1
MethodGET
URLhttp://www.bb.com.br/pbb/
MethodGET
URLhttp://www.bb.com.br/portalbb/page251,8305,8388,0,0,1,6.bb?codigoNoticia=31200
MethodGET
URLhttp://www.bb.com.br/pbb/pagina-inicial/cooperativas
MethodGET
URLhttp://www.bb.com.br/pbb/pagina-inicial/empresarial
MethodGET
URLhttp://www.bb.com.br/portalbb/home16,500355,500355,21,0,1,1.bb
MethodGET
URLhttp://www.bb.com.br/portalbb/home23,111,111,13,0,1,3.bb
MethodGET
URLhttp://www.bb.com.br/pbb/pagina-inicial/corporate
MethodGET
URLhttp://www.bb.com.br/pbb/pagina-inicial/empresas
MethodGET
URLhttp://www.bb.com.br/portalbb/page3,7932,7953,0,0,1,0.bb?bread=1_5&codigoMenu=3490&codigoRet=3513
MethodGET
URLhttp://www.bb.com.br/portalbb/home29,8623,8623,1,0,1,1.bb
MethodGET
URLhttp://www.bb.com.br/portalbb/page3,7932,7948,22,0,1,8.bb?bread=1&codigoMenu=3490&codigoNoticia=4246&codigoRet=3494
MethodGET
URLhttp://www.bb.com.br/portalbb/page22,101,2292,0,0,1,1.bb?codigoMenu=225&codigoNoticia=31640
MethodGET
URLhttp://www.bb.com.br/docs/pub/emp/empl/dwn/ManualComelet.pdf
MethodGET
URLhttp://www.bb.com.br/portalbb/home29,112,112,15,0,1,3.bb
MethodGET
URLhttp://www.bb.com.br/portalbb/page3,7932,3678,22,0,1,8.bb
MethodPOST
URLhttp://www.bb.com.br/pbb/s001t006p002,500965,502412,8,1,1,2.bb
MethodGET
URLhttp://www.bb.com.br/
MethodGET
URLhttp://www.bb.com.br/portalbb/home29,113,113,14,0,1,3.bb
MethodGET
Instances50


----------
Solution
-----------

Make sure your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header. To achieve optimal browser support, send "Content-Security-Policy" for Chrome 25+, Firefox 23+ and Safari 7+, "X-Content-Security-Policy" for Firefox 4.0+ and Internet Explorer 10+, and "X-Webkit-CSP" for Chrome 14+ and Safari 6+.

Reference
https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy
https://www.owasp.org/index.php/Content_Security_Policy
http://www.w3.org/TR/CSP/
http://w3c.github.io/webappsec/specs/Content-Security-Policy/CSP-Specification.dev.html
http://www.html5rocks.com/en/tutorials/security/content-security-policy/
http://caniuse.com/#feat=contentsecuritypolicy
http://content-security-policy.com/

CWE Id: 16
WASC Id: 15
Source ID: 3
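
Added example (not part of the scan report and not the bank's code): a small Python checker that parses a Content-Security-Policy header the way a browser would and decides whether a given script URL is permitted by script-src, falling back to default-src. This is the control the finding is about: with no CSP, a page that includes cross-domain JavaScript has no browser-side restriction on where scripts may come from. The hostnames (www.example.com, cdn.example.net, *.static.example) are constructed placeholders; the source-expression matching covers 'self', 'none', scheme sources, wildcard hosts, ports and path prefixes, but not nonces or hashes.

```python
"""Check whether a script URL is permitted by a Content-Security-Policy header.
Added example; hostnames below are constructed placeholders."""
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}


def parse_csp(header):
    """Split a CSP header into {directive-name: [source expressions]}.
    A directive repeated inside one policy is ignored after its first occurrence."""
    policy = {}
    for token in header.split(";"):
        parts = token.strip().split()
        if parts:
            policy.setdefault(parts[0].lower(), parts[1:])
    return policy


def _host_matches(pattern, host):
    if pattern == "*":
        return True
    if pattern.startswith("*."):
        # "*.example.com" matches "a.example.com" but not "example.com" itself
        return host.endswith(pattern[1:])
    return pattern == host


def source_allows(expr, script_url, page_origin):
    """True if one CSP source expression permits loading script_url from page_origin."""
    expr = expr.lower()
    s = urlsplit(script_url)
    s_port = s.port or DEFAULT_PORTS.get(s.scheme)
    if expr == "'none'":
        return False
    if expr == "'self'":
        p = urlsplit(page_origin)
        p_port = p.port or DEFAULT_PORTS.get(p.scheme)
        return (s.scheme, s.hostname, s_port) == (p.scheme, p.hostname, p_port)
    if expr.startswith("'"):
        return False  # nonce-, sha256- and 'unsafe-*' keywords never describe a URL
    if expr.endswith(":") and "/" not in expr:
        return s.scheme == expr[:-1]  # scheme-source such as "https:"
    # host-source: [scheme "://"] host [":" port] [path]
    scheme, _, rest = expr.rpartition("://")
    hostport, slash, path = rest.partition("/")
    path = slash + path
    host, _, port = hostport.partition(":")
    if scheme:
        if scheme != s.scheme:
            return False
    elif s.scheme not in DEFAULT_PORTS:
        return False  # no scheme in the expression: accept http/https only (simplification)
    if not _host_matches(host, s.hostname or ""):
        return False
    if port == "*":
        pass
    elif port:
        if str(s_port) != port:
            return False
    elif s_port != DEFAULT_PORTS.get(s.scheme):
        return False
    if path and path != "/":
        # a path ending in "/" is a prefix, anything else must match exactly
        return s.path.startswith(path) if path.endswith("/") else s.path == path
    return True


def script_allowed(csp_header, script_url, page_origin):
    """Evaluate script-src, falling back to default-src. No governing directive
    (or no header at all) means the browser applies no restriction."""
    policy = parse_csp(csp_header)
    sources = policy.get("script-src", policy.get("default-src"))
    if sources is None:
        return True
    return any(source_allows(e, script_url, page_origin) for e in sources)


if __name__ == "__main__":
    page = "https://www.example.com"
    csp = "default-src 'self'; script-src 'self' https://cdn.example.net *.static.example; object-src 'none'"
    for url in ("https://www.example.com/js/app.js", "https://cdn.example.net/lib.js",
                "https://a.static.example/x.js", "https://attacker.example/x.js"):
        print(url, "allowed" if script_allowed(csp, url, page) else "blocked")
    print("no header:", script_allowed("", "https://attacker.example/x.js", page))
```

With an empty header every cross-domain script is allowed, which is exactly the state the finding reports; a policy with an explicit script-src list turns the same inclusion into a browser-enforced block.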




11 Hash Disclosure - MD4 / MD5

Description

A hash was disclosed by the web server - MD4 / MD5


URL: http://www.bb.com.br/pbb/app/docs/comum/images/structure/header/icon/apple-icon-144x144.png
Method: GET
Evidence: b356098659224bee23df80a1098ddb2a
URL: http://www.bb.com.br/pbb/app/docs/comum/images/structure/header/icon/apple-icon-57x57.png
Method: GET
Evidence: b356098659224bee23df80a1098ddb2a
URL: http://www.bb.com.br/pbb/app/docs/comum/images/structure/header/icon/apple-icon-114x114.png
Method: GET
Evidence: b356098659224bee23df80a1098ddb2a
URL: http://www.bb.com.br/pbb/app/docs/comum/images/structure/header/icon/favicon-32x32.png
Method: GET
Evidence: b356098659224bee23df80a1098ddb2a
URL: http://www.bb.com.br/pbb/app/docs/comum/images/structure/header/icon/apple-icon-72x72.png
Method: GET
Evidence: b356098659224bee23df80a1098ddb2a
URL: http://www.bb.com.br/docs/pub/atend/toquio/dwn/NetprMaintPT.pdf
Method: GET
Evidence: A253144FF8221247918F5D43147DEBB2
URL: http://www.bb.com.br/pbb/app/docs/comum/images/structure/header/icon/apple-icon-152x152.png
Method: GET
Evidence: b356098659224bee23df80a1098ddb2a
URL: http://www.bb.com.br/pbb/app/docs/comum/images/structure/header/icon/apple-icon-180x180.png
Method: GET
Evidence: b356098659224bee23df80a1098ddb2a
URL: http://www.bb.com.br/pbb/app/docs/comum/images/structure/header/icon/apple-icon-60x60.png
Method: GET
Evidence: b356098659224bee23df80a1098ddb2a
URL: http://www.bb.com.br/docs/pub/atend/toquio/dwn/NetprMaintPT.pdf
Method: GET
Evidence: 4705796A0ACA3D4EB70EF22908773587
URL: http://www.bb.com.br/pbb/app/docs/comum/images/structure/header/icon/apple-icon-120x120.png
Method: GET
Evidence: b356098659224bee23df80a1098ddb2a
URL: http://www.bb.com.br/pbb/app/docs/comum/images/structure/header/icon/apple-icon-76x76.png
Method: GET
Evidence: b356098659224bee23df80a1098ddb2a
Instances: 12
Solution
Ensure that hashes used to protect credentials or other resources are not leaked by the web server or the database. Typically there is no requirement for password hashes to be accessible to the web browser.

Other information

b356098659224bee23df80a1098ddb2a

Reference

https://www.owasp.org/index.php/Top_10_2013-A6-Sensitive_Data_Exposure
http://projects.webappsec.org/w/page/13246936/Information%20Leakage
http://openwall.info/wiki/john/sample-hashes

CWE Id: 200
WASC Id: 13
Source ID:
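
Added example (not from the scan report): a Python triage routine for this kind of finding. It scans response bodies and ETag headers for hex runs of MD4/MD5, SHA-1 and SHA-256 digest length, skips all-digit runs (usually numeric identifiers), and then groups each value by the URLs it appears in. A value that recurs across many unrelated static assets is reported as a repeated token to be checked against build or cache-busting mechanisms, while a value seen once is left for manual review, which is the check a practitioner performs before treating a scanner hit as a credential hash. The URLs, bodies and hex values below are constructed sample data.

```python
"""Find hash-looking hex strings in HTTP responses and triage them by recurrence.
Added example; all sample data below is constructed."""
import re
from collections import defaultdict

DIGEST_KINDS = {32: "MD4/MD5", 40: "SHA-1", 64: "SHA-256"}  # hex digest lengths
HEX_RUN = re.compile(r"(?<![0-9a-fA-F])[0-9a-fA-F]{32,64}(?![0-9a-fA-F])")


def find_hashes(text):
    """Return [(kind, value)] for hex runs whose length is a known digest length.
    Pure-digit runs are skipped: they are almost always numeric identifiers."""
    found = []
    for m in HEX_RUN.finditer(text):
        value = m.group(0)
        kind = DIGEST_KINDS.get(len(value))
        if kind and not value.isdigit():
            found.append((kind, value.lower()))
    return found


def triage(responses, repeat_threshold=3):
    """responses: {url: (headers, body)}. Scans bodies plus any ETag header.
    A value recurring on >= repeat_threshold distinct URLs is classed
    'repeated-token' (typical of build/cache-busting tokens); others 'review'."""
    seen = defaultdict(set)
    kinds = {}
    for url, (headers, body) in responses.items():
        etags = " ".join(v for k, v in headers.items() if k.lower() == "etag")
        for kind, value in find_hashes(body + " " + etags):
            seen[value].add(url)
            kinds[value] = kind
    report = {}
    for value, urls in seen.items():
        cls = "repeated-token" if len(urls) >= repeat_threshold else "review"
        report[value] = {"kind": kinds[value], "urls": sorted(urls), "class": cls}
    return report


# Constructed sample: one 32-hex token reused as an icon version across pages,
# and a different 32-hex value inside a single JSON response.
TOKEN = "0f1e2d3c4b5a69788796a5b4c3d2e1f0"
SINGLE = "9e107d9d372bb6826bd81d3542a419d6"
ICON_HTML = '<link rel="icon" href="/icon.png?v=%s">' % TOKEN
SAMPLE_RESPONSES = {
    "https://www.example.com/a": ({}, ICON_HTML),
    "https://www.example.com/b": ({}, ICON_HTML),
    "https://www.example.com/c": ({"ETag": '"%s"' % TOKEN}, ""),
    "https://www.example.com/profile": ({}, '{"user":"ana","pwhash":"%s"}' % SINGLE),
    "https://www.example.com/id": ({}, "id=12345678901234567890123456789012"),
}

if __name__ == "__main__":
    for value, info in triage(SAMPLE_RESPONSES).items():
        print(info["class"], info["kind"], value, len(info["urls"]), "url(s)")
```

Only the value found once in a user-specific response ends up in the review bucket; the token shared by every icon request is reported separately so it can be verified as a versioning artefact rather than counted as twelve leaks.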




12 Storable and cacheable content


Description

The response contents are storable by caching components such as proxy servers, and could be obtained directly from the cache, rather than from the origin server, in response to similar requests from other users. If the response data is sensitive, personal or specific to a user, this could result in the disclosure of sensitive information. In some cases, this could even result in a user gaining complete control of another user's session, depending on the configuration of the caching components in use in their environments. This is primarily a problem where shared cache servers, such as proxy caches, are configured in the local network. This configuration is typically found in educational or corporate environments.




URL: http://www.bb.com.br/portalbb/img.ImgWriter?codigo=29759&origem=CCI
Method: GET
Evidence: Wed, 22 May 2019 17:14:24 GMT
URL: http://www.bb.com.br/docs/img/btMaisPublicos.png
Method: GET
URL: http://www.bb.com.br/portalbb/img.ImgWriter?codigo=29756&origem=CCI
Method: GET
Evidence: Wed, 22 May 2019 17:14:24 GMT
URL: http://www.bb.com.br/docs/img/v5/imgCantoMenuDir.png
Method: GET
URL: http://www.bb.com.br/docs/img/v5/dot.gif
Method: GET
URL: http://www.bb.com.br/docs/img/v5/btToken.png
Method: GET
URL: http://www.bb.com.br/pbb/app/docs/comum/images/structure/header/icon/favicon-32x32.png
Method: GET
URL: http://www.bb.com.br/docs/img/v5/imgAumentaFonte.png
Method: GET
URL: http://www.bb.com.br/docs/img/v5/dhtmlMcBordaBottom.png
Method: GET
URL: http://www.bb.com.br/portalbb/page100,8305,4911,0,0,1,6.bb?codigoMenu=15244&codigoNoticia=28839
Method: GET
URL: http://www.bb.com.br/docs/css/ac/layoutHome1.css?1
Method: GET
URL: http://www.bb.com.br/portalbb/jsp/eng/index.jsp
Method: GET
URL: http://www.bb.com.br/docs/img/btLogo1.gif
Method: GET
URL: http://www.bb.com.br/docs/pub/atend/toquio/dwn/tela2red2.gif
Method: GET
URL: http://www.bb.com.br/docs/img/v5/imgDiminuiFonte.png
Method: GET
URL: http://www.bb.com.br/portalbb/hs001003,500490,500491,1,0,1,1,80.bb
Method: GET
URL: http://www.bb.com.br/docs/css/ac/cssSP22.css
Method: GET
URL: http://www.bb.com.br/docs/pub/inst/img/tela6red.gif
Method: GET
URL: http://www.bb.com.br/pbb/app/docs/comum/images/structure/header/icon/apple-icon-152x152.png
Method: GET
URL: http://www.bb.com.br/pbb/app/docs/s001/stylesheets/style.css?v=201804051
Method: GET
Instances: 117
Solution

Validate that the response does not contain sensitive, personal or user-specific information. If it does, consider using the following HTTP response headers to limit or prevent the content being stored in, and retrieved from, the cache by another user:

Cache-Control: no-cache, no-store, must-revalidate, private

Pragma: no-cache

Expires: 0


This configuration directs both HTTP 1.0 and HTTP 1.1 compatible cache servers not to store the response, and not to serve the response from the cache (without validation) in reply to a similar request.


Reference

https://tools.ietf.org/html/rfc7234
https://tools.ietf.org/html/rfc7231
http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html (superseded by RFC 7234)

CWE Id: 524
WASC Id: 13
Source ID: 3





13 Non-storable content

Description

The response contents are not storable by caching components such as proxy servers. If the response does not contain sensitive, personal or user-specific information, it could benefit from being stored and cached, to improve performance.

URL: http://www.bb.com.br/acoes
Method: GET
Evidence: 302
URL: http://www.bb.com.br/patrocinios
Method: GET
Evidence: 302
URL: http://www.bb.com.br/pbb/pagina-inicial/estilo
Method: GET
Evidence: no-store
URL: http://www.bb.com.br/pbb/s001t006p002,500965,502412,8,1,1,2.bb
Method: GET
Evidence: no-store
URL: http://www.bb.com.br/aguabrasil
Method: GET
Evidence: 302
URL: http://www.bb.com.br/pbb/pagina-inicial/empresas
Method: GET
Evidence: no-store
URL: http://www.bb.com.br/pbb/pagina-inicial/corporate
Method: GET
Evidence: no-store
URL: http://www.bb.com.br/pbb
Method: GET
Evidence: 302
URL: http://www.bb.com.br/bbjovem
Method: GET
Evidence: 302
URL: http://www.bb.com.br/mpo
Method: GET
Evidence: 302
URL: http://www.bb.com.br/empreendedor
Method: GET
Evidence: 302
URL: http://www.bb.com.br/pbb/pagina-inicial/atendimento
Method: GET
Evidence: no-store
URL: http://www.bb.com.br/acessoainformacao
Method: GET
Evidence: 302
URL: http://www.bb.com.br/seguranca
Method: GET
Evidence: 302
URL: http://www.bb.com.br/pbb/pagina-inicial/cooperativas
Method: GET
Evidence: no-store
URL: http://www.bb.com.br/pbb/pagina-inicial/empresarial
Method: GET
Evidence: no-store
URL: http://www.bb.com.br/pbb/pagina-inicial/private
Method: GET
Evidence: no-store
URL: http://www.bb.com.br/pbb/pagina-inicial/voce
Method: GET
Evidence: no-store
Instances: 18

Solution


The content could be marked as storable by ensuring that the following conditions are met:

The request method must be understood by the cache and defined as cacheable (GET, HEAD and POST are currently defined as cacheable)

The response status code must be understood by the cache (the 1XX, 2XX, 3XX, 4XX and 5XX response classes are generally understood)

The "no-store" cache directive must not appear in the request or response header fields

For caching by "shared" caches such as "proxy" caches, the "private" response directive must not appear in the response

For caching by "shared" caches such as "proxy" caches, the "Authorization" header field must not appear in the request, unless the response explicitly allows it (using one of the "must-revalidate", "public" or "s-maxage" Cache-Control directives)

In addition to the conditions above, at least one of the following conditions must also be met by the response:

It must contain an "Expires" header field

It must contain a "max-age" response directive

For "shared" caches such as "proxy" caches, it must contain an "s-maxage" response directive

It must contain a Cache-Control extension that allows it to be cached

It must have a status code that is defined as cacheable by default (200, 203, 204, 206, 300, 301, 404, 405, 410, 414, 501)
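
Added example (not from the scan report) covering both this finding and the preceding "Storable and cacheable content" one: a Python function that applies the storability conditions listed above, in the order RFC 7234 section 3 gives them, to a request/response pair and returns the decision together with the rule that decided it. It also carries the no-store header set recommended in the previous finding so the two outcomes can be compared on constructed inputs: a 302 with no freshness information (the "302" evidence above), a response carrying no-store, and a plain 200 that becomes storable by default. One departure from the text above: RFC 7234 also lists a "public" directive as sufficient, so it is included and marked as such.

```python
"""Decide whether an HTTP response is storable by a cache, following the
conditions of RFC 7234 section 3 as listed in the scanner's solution text.
Added example; sample headers below are constructed."""

CACHEABLE_METHODS = {"GET", "HEAD", "POST"}
HEURISTICALLY_CACHEABLE_STATUS = {200, 203, 204, 206, 300, 301, 404, 405, 410, 414, 501}
STANDARD_DIRECTIVES = {
    "max-age", "max-stale", "min-fresh", "no-cache", "no-store", "no-transform",
    "only-if-cached", "must-revalidate", "public", "private", "proxy-revalidate",
    "s-maxage", "immutable", "stale-while-revalidate", "stale-if-error",
}

# Header set recommended by the "Storable and cacheable content" finding.
RECOMMENDED_NO_STORE_HEADERS = {
    "Cache-Control": "no-cache, no-store, must-revalidate, private",
    "Pragma": "no-cache",
    "Expires": "0",
}


def parse_cache_control(value):
    """'max-age=60, Private' -> {'max-age': '60', 'private': None}; names lower-cased."""
    directives = {}
    for part in (value or "").split(","):
        part = part.strip()
        if part:
            name, eq, arg = part.partition("=")
            directives[name.strip().lower()] = arg.strip().strip('"') if eq else None
    return directives


def _header(headers, name):
    """Case-insensitive header lookup; returns None when absent."""
    for k, v in headers.items():
        if k.lower() == name.lower():
            return v
    return None


def is_storable(method, status, request_headers, response_headers,
                shared_cache=True, allowing_extensions=()):
    """Return (storable, reason). `allowing_extensions` names Cache-Control
    extension directives the operator knows this cache treats as permission to store."""
    req_cc = parse_cache_control(_header(request_headers, "Cache-Control"))
    resp_cc = parse_cache_control(_header(response_headers, "Cache-Control"))

    if method.upper() not in CACHEABLE_METHODS:
        return False, "method %s is not cacheable" % method
    if not 100 <= status <= 599:
        return False, "status %d not understood by the cache" % status
    if "no-store" in req_cc or "no-store" in resp_cc:
        return False, "no-store present"
    if shared_cache and "private" in resp_cc:
        return False, "private response must not enter a shared cache"
    if shared_cache and _header(request_headers, "Authorization") is not None:
        if not {"must-revalidate", "public", "s-maxage"} & set(resp_cc):
            return False, "Authorization request without must-revalidate/public/s-maxage"

    # At least one of the following must hold.
    if _header(response_headers, "Expires") is not None:
        return True, "Expires header present"
    if "max-age" in resp_cc:
        return True, "max-age directive present"
    if shared_cache and "s-maxage" in resp_cc:
        return True, "s-maxage directive present"
    if "public" in resp_cc:  # listed by RFC 7234 section 3, omitted by the scanner text
        return True, "public directive present"
    if any(d in allowing_extensions for d in resp_cc if d not in STANDARD_DIRECTIVES):
        return True, "allowing Cache-Control extension present"
    if status in HEURISTICALLY_CACHEABLE_STATUS:
        return True, "status %d is cacheable by default" % status
    return False, "no freshness information and status %d is not cacheable by default" % status


if __name__ == "__main__":
    cases = [
        ("GET", 302, {}, {}),                                   # redirect, no freshness info
        ("GET", 200, {}, {"Cache-Control": "no-store"}),         # explicit no-store
        ("GET", 200, {}, {}),                                    # plain 200: storable by default
        ("GET", 200, {}, RECOMMENDED_NO_STORE_HEADERS),          # recommended hardening
    ]
    for method, status, req, resp in cases:
        print(method, status, resp, "->", is_storable(method, status, req, resp))
```

Running the constructed cases shows why the two findings are mirror images: a bare 200 is storable by a shared proxy with no header at all (finding 12), while the 302 and no-store responses are not (finding 13), and the recommended header set makes any response non-storable regardless of status.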

Reference

https://tools.ietf.org/html/rfc7234
https://tools.ietf.org/html/rfc7231
http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html (superseded by RFC 7234)

CWE Id: 524
WASC Id: 13
Source ID: 3




14 Information Disclosure - Suspicious Comments

Description

The response appears to contain suspicious comments which may help an attacker.


URL: http://www.bb.com.br/portalbb/home16,500355,500355,21,0,1,1.bb?dv=1
Method: GET
URL: http://www.bb.com.br/portalbb/home1,8305,8305,0,0,1,6.bb
Method: GET
URL: http://www.bb.com.br/portalbb/home16,500355,500355,21,0,1,1.bb
Method: GET
URL: http://www.bb.com.br/docs/sitesp/sustentabilidade/hotsite_Internet.html
Method: GET
URL: http://www.bb.com.br/portalbb/page3,7932,7950,0,0,1,0.bb?bread=1_2&codigoMenu=3490&codigoRet=3510
Method: GET
URL: http://www.bb.com.br/portalbb/page3,7932,3678,22,0,1,8.bb
Method: POST
URL: http://www.bb.com.br/portalbb/page3,7932,3678,22,0,1,8.bb
Method: GET
URL: http://www.bb.com.br/portalbb/page251,8305,8388,0,0,1,6.bb?codigoNoticia=31200
Method: GET
URL: http://www.bb.com.br/portalbb/home1,8305,8305,0,0,1,6.bb
Method: POST
URL: http://www.bb.com.br/portalbb/hs001003,500490,500491,1,0,1,1,80.bb
Method: GET
URL: http://www.bb.com.br/portalbb/home1,7490
Method: GET
URL: http://www.bb.com.br/portalbb/page100,8305,4911,0,0,1,6.bb?codigoMenu=15244&codigoNoticia=28839
Method: GET
URL: http://www.bb.com.br/portalbb/page100,8305,19205,0,0,1,6.bb?codigoMenu=15368&codigoNoticia=28840
Method: GET
URL: http://www.bb.com.br/portalbb/page3,7932,7952,0,0,1,0.bb?bread=1_4&codigoMenu=3490&codigoRet=3512
Method: GET
URL: http://www.bb.com.br/portalbb/page3,7932,7951,0,0,1,0.bb?bread=1_3&codigoMenu=3490&codigoRet=3511
Method: GET
URL: http://www.bb.com.br/portalbb/http:/www.bb.com.br/pbb/pagina-inicial/atendimento
Method: GET
URL: http://www.bb.com.br/portalbb/page251,8305,8388,0,0,1,6.bb?codigoNoticia=31200
Method: POST
URL: http://www.bb.com.br/portalbb/page4,8305,8388,0,0,1,6.bb?codigoMenu=15245&codigoNoticia=28842
Method: GET
URL: http://www.bb.com.br/portalbb/page4,8305,3912,0,0,1,6.bb?codigoMenu=15217&codigoNoticia=28458
Method: GET
URL: http://www.bb.com.br/portalbb/page3,7932,7949,0,0,1,0.bb?bread=1_1&codigoMenu=3490&codigoRet=3508
Method: GET
Instances: 24

Solution

Remove all comments that return information that may help an attacker and fix any underlying problems they refer to.

Other information

<script type="text/javascript">
//var urlDominio = top.location.href;
//var urlDominio = (window.location != window.parent.location) ? document.referrer: document.location +"";
var isIFrame = false;
if (window!=window.top) {
    isIFrame = true
}else{
    isIFrame = false;
}
//if(urlDominio.indexOf("bancodobrasilseguridade") != -1){
if(isIFrame){
    $(function(){
        $('a').each(function() {
            if($(this).attr('href') === undefined){
            }else{
                var urlRec = $(this).attr('href');
                if(
                    urlRec.indexOf("javascript") == -1 &&
                    urlRec.indexOf("?codigoMenu=40031") == -1 &&
                    urlRec != "" &&
                    urlRec != "#"
                ){
                    if($(this).attr('href') != null && $(this).attr('href') != ''){
                        var newHref = $(this).attr('href');
                        $(this).attr("realHref", newHref);
                        //$(this).attr('href', "http://www.bancodobrasilseguridade.com.br");
                        $(this).attr('href', "http://");
                    }else{
                        $(this).attr('href', "http://");
                        //$(this).attr('href', "https://www.bancodobrasilseguridade.com.br");
                        var newHref = $(this).attr('href');
                        $(this).attr("realHref", newHref);
                    }
                    $(this).click(function(){
                        url = $(this).attr("realHref");
                        //parent.document.getElementById("urlId").innerHtml = $(this).attr("realHref");
                        if(
                            url.indexOf("/appbb/portal/") == -1 &&
                            url.indexOf("javascript:abreVDHTML(") == -1 &&
                            url.indexOf("javascript:escondeCampos(") == -1 &&
                            url.indexOf("javascript:history.back(") == -1 &&
                            url.indexOf("bancodobrasil.") == -1 &&
                            url.indexOf("bancobrasil.") == -1 &&
                            url.indexOf("/docs/") == -1 &&
                            url.indexOf("/portalbb/") == -1 &&
                            url.indexOf("prevMonth()") == -1 &&
                            url.indexOf("nextMonth()") == -1 &&
                            url.indexOf("mudaFontediv(") == -1 &&
                            url.indexOf("posicaoRodape(") == -1 &&
                            url.indexOf("bb.com.br") == -1 &&
                            url.indexOf("setActiveStyleSheet(") == -1 &&
                            url.indexOf("selectDate(") == -1 &&
                            url.indexOf("determinaNichos(") == -1 &&
                            url.indexOf("bancodobrasilseguridade") == -1 &&
                            url.indexOf("/page") == -1 &&
                            url.indexOf("/home") == -1 &&
                            url.indexOf("page") == -1 &&
                            url.indexOf("MudaGrafico(") == -1 &&
                            url != "#" &&
                            url.indexOf("TrocaAba(") == -1 &&
                            url.indexOf("prnweswire") == -1 &&
                            url.indexOf("investimentos-e") == -1 &&
                            url.indexOf("bbprevidencia") == -1 &&
                            url.indexOf("licitações-e") == -1 &&
                            url.indexOf("agronegocios-e") == -1 &&
                            url.indexOf("climatempo") == -1 &&
                            url.indexOf("cma") == -1 &&
                            url.indexOf("fbb") == -1 &&
                            url.indexOf("simuladorimobiliario") == -1 &&
                            url.indexOf("bbsegurosaude") == -1 &&
                            url.indexOf("brasilveiculos") == -1 &&
                            url.indexOf("aliancadobrasil") == -1 &&
                            url.indexOf("www.visa.com.br") == -1 &&
                            url.indexOf("mastecard") == -1 &&
                            url.indexOf("mz-ir") == -1 &&
                            url.indexOf("sitenet.serasa") == -1 &&
                            url.indexOf("brasilprev") == -1 &&
                            url.indexOf("promocaoourocardecielo") == -1 &&
                            url.indexOf("www.mediagroup.com.br/testes/bb_page_flip/port/") == -1 &&
                            url.indexOf("www.eufacoacontecer.com.br") == -1 &&
                            url.indexOf("http://www.migre.me") == -1 &&
                            url.indexOf("http://www.twixar.com") == -1 &&
                            url.indexOf("https://livepass.showare.com.br/") == -1 &&
                            url.indexOf("http://www.comprapremiadaourocard.com.br/") == -1 &&
                            url.indexOf("http://www.br.com.br/wps/portal/portalconteudo/produtos/cart") == -1 &&
                            url.indexOf("https://www.licitacoes-e.com.br/aop/index.jsp") == -1 &&
                            url.indexOf("https://b2c.bbtur.com.br/") == -1 &&
                            url.indexOf("http://www.iti.gov.br/") == -1 &&
                            url.indexOf("http://www.blogaguabrasil.com.br/") == -1 &&
                            url.indexOf("http://www.prepax.com.br/cbssprepax/bb") == -1 &&
                            url.indexOf("home") == -1 &&
                            url.indexOf("http://b2c.bbtur.com.br/") == -1 &&
                            url.indexOf("http://www.bancodobrasilseguridade.com.br/") == -1 &&
                            url.indexOf("brasilcap") == -1 &&
                            url.indexOf("bancodobrasilseguridade") == -1 &&
                            url.indexOf("wittel") == -1 &&
                            url.indexOf("Comprapremiada") == -1 &&
                            url.indexOf("Prepax") == -1 &&
                            url.indexOf("BBCOVERS") == -1 &&
                            url.indexOf("admin bb205anos") == -1 &&
                            url.indexOf("executantecompe") == -1 &&
                            url.indexOf("executante") == -1 &&
                            url.indexOf("compeexecutante") == -1 &&
                            url.indexOf("compexecutante") == -1 &&
                            url.indexOf("bbjovem") == -1 &&
                            url.indexOf("momentohistoricoourocard") == -1 &&
                            url.indexOf("bbcovers") == -1 &&
                            url.indexOf("Lei 4.595, de 31 de dezembro de 1964") == -1 &&
                            url.indexOf("Lei 7.357, de 02 de setembro de 1985") == -1 &&
                            url.indexOf("Lei 7.783, de 28 de junho de 1989") == -1 &&
                            url.indexOf("Lei 10.214, de 27 de março de 2001") == -1 &&
                            url.indexOf("http://www.bcb.gov.br/") == -1 &&
                            url.indexOf("http://www.planalto.gov.br/") == -1 &&
                            url.indexOf("http://www.fgc.org.br/") == -1 &&
                            url.indexOf("http://www.febraban.org.br/") == -1 &&
                            url.indexOf("bbseguranca") == -1 &&
                            url.indexOf("google-analytics") == -1 &&
                            url.indexOf("https://www.facebook.com/BBnosEsportes") == -1 &&
                            url.indexOf("https://twitter.com/bbnosesportes") == -1 &&
                            url.indexOf("https://instagram.com/bbnosesportes") == -1 &&
                            url.indexOf("https://www.youtube.com/watch?v=I5jp-2NqYos") == -1 &&
                            url.indexOf("http://www.pontoslivelo.com.br") == -1 &&
                            url.indexOf("http://www.bbdigital.com.br/") == -1 &&
                            url.indexOf("http://www.bbcode.com.br/") == -1 &&
                            url.indexOf("https://mobi.bb.com.br/lj") == -1 &&
                            url.indexOf("https://www.youtube.com/watch?v=0k1mhDsifPw") == -1 &&
                            url.indexOf("http://www.bbdigital.com.br") == -1 &&
                            url.indexOf("https://www.facebook.com/bancodobrasil") == -1 &&
                            url.indexOf("https://twitter.com/bancodobrasil") == -1 &&
                            url.indexOf("https://www.youtube.com/user/bancodobrasil") == -1 &&
                            url.indexOf("https://instagram.com/bancodobrasil") == -1 &&
                            url.indexOf("https://www.bbprevidencia.com.br/linkExterno/empresalimpa") == -1 &&
                            url.indexOf("https://www.pensefuturo.com.br") == -1 &&
                            url.indexOf("https://www.previc.gov.br/") == -1 &&
                            url.indexOf("https://www.bbprevidencia.com.br/acessorestrito") == -1 &&
                            url.indexOf("http://bbsimplifica.com.br/franquia") == -1 &&
                            url.indexOf("http://bbsimplifica.com.br/empreendedor-individual") == -1 &&
                            url.indexOf("http://www.pontoslivelo.com.br/livelo/alivelo") == -1 &&
                            url.indexOf("https://www.avianca.com.br/") == -1 &&
                            url.indexOf("https://www.pontosmultiplus.com.br/promo/diadoconsumidor") == -1 &&
                            url.indexOf("http://www.smiles.com.br/bancos/bb60") == -1 &&
                            url.indexOf("http://bbsimplifica.com.br/") == -1 &&
                            url.indexOf("http://www.bbsimplifica.com.br/") == -1 &&
                            url.indexOf("http://www.bbestilodigital.com.br/") == -1 &&
                            url.indexOf("http://www.bbseguridaderi.com.br/pt") == -1 &&
                            url.indexOf("http://www.bbseguridaderi.com.br") == -1 &&
                            url.indexOf("http://www.bbseguridaderi.com.br/en") == -1 &&
                            url.indexOf("https://www.youtube.com/watch?v=x18LA3O_WY4&feature=youtu.be") == -1 &&
                            url.indexOf("http://www.ethicsdeloitte.com.br/bbseguridade") == -1 &&
                            url.indexOf("https://www.youtube.com/watch?v=qjK_KddmhDg") == -1 &&
                            url.indexOf("https://www.youtube.com/watch?v=7lhPOByYE44") == -1 &&
                            url.indexOf("https://www.youtube.com/watch?v=U_rvYpunNKk") == -1 &&
                            url.indexOf("https://www.youtube.com/watch?v=nNupfhvcVPY") == -1 &&
                            url.indexOf("https://youtu.be/tl0YL0DQNJc") == -1 &&
                            url.indexOf("https://www.youtube.com/watch?v=dKRsPjHlYrg") == -1 &&
                            url.indexOf("https://www.youtube.com/watch?v=treGUO4qThQ") == -1 &&
                            url.indexOf("https://www.youtube.com/watch?v=N4vi2i98c4g") == -1 &&
                            url.indexOf("http://promocoesleclub.com.br/bb/") == -1 &&
                            url.indexOf("http://www.flytap.com/ptpt/victoria/promocoes") == -1 &&
                            url.indexOf("http://www.smiles.com.br/bancos/bonusbb") == -1 &&
                            url.indexOf("https://www.youtube.com/watch?v=wunN2LQ1dXY&feature=youtu.be") == -1 &&
                            url.indexOf("http://www.bbseguros.com.br") == -1 &&
                            url.indexOf("https://www.linkedin.com/company-beta/162626/") == -1 &&
                            url.indexOf("https://www.linkedin.com/company-beta/162626/") == -1 &&
                            url.indexOf("https://www.youtube.com/watch?v=wunN2LQ1dXY&featur") == -1 &&
                            url.indexOf("https://www.bbseguros.com.br/seguradora/para-voce/seguro-aut") == -1 &&
                            url.indexOf("https://www.bbseguros.com.br/seguradora/servicos/sinistro/si") == -1 &&
                            url.indexOf("https://www.bbseguros.com.br/seguradora/atendimento/atendime") == -1 &&
                            url.indexOf("https://www.bbseguros.com.br/seguradora/servicos/sinistro/si") == -1 &&
                            url.indexOf("https://www.bbseguros.com.br/seguradora/para-voce/seguro-mot") == -1 &&
                            url.indexOf("https://www.bbseguros.com.br/seguradora/atendimento/atendime") == -1 &&
                            url.indexOf("https://www.bbseguros.com.br/seguradora/para-voce/seguro-mot") == -1 &&
                            url.indexOf("https://www.bbseguros.com.br/seguradora/servicos/sinistro/si") == -1 &&
                            url.indexOf("https://www.bbseguros.com.br/seguradora/para-voce/seguro-mot") == -1 &&
                            url.indexOf("http://www3.bbseguroauto.com.br/services/DocumentManagement/") == -1 &&
                            url.indexOf("https://www.bbseguros.com.br/seguradora/servicos/sinistro/de") == -1 &&
                            url.indexOf("https://www.bbseguros.com.br/seguradora/servicos/sinistro/de") == -1 &&
                            url.indexOf("https://www.bbseguros.com.br/seguradora/servicos/sinistro/de") == -1 &&
                            url.indexOf("http://www3.bbseguroauto.com.br/issuu/CondicoesGeraisProduto") == -1 &&
                            url.indexOf("https://sitenet37.serasa.com.br/am3cartaobb/parceiro/4A34E8C") == -1 &&
                            url.indexOf("http://www.circuitobancodobrasil.com.br") == -1 &&
                            url.indexOf("https://www.ourocardeshow.com.br/") == -1 &&
                            url.indexOf("https://www.youtube.com/watch?v=qbB-Hj0aj_E") == -1 &&
                            url.indexOf("http://www.smiles.com.br/") == -1 &&
                            url.indexOf("https://guiabbimovel.labbs.com.br/?pk_campaign=98&pk_kwd=MRV") == -1 &&
                            url.indexOf("https://guiabbimovel.labbs.com.br/?pk_campaign=75&pk_kwd=MRV") == -1 &&
                            url.indexOf("https://guiabbimovel.labbs.com.br/?pk_campaign=89&pk_kwd=MRV") == -1 &&
                            url.indexOf("https://guiabbimovel.labbs.com.br/?pk_campaign=112&pk_kwd=MR") == -1 &&
                            url.indexOf("https://guiabbimovel.labbs.com.br/?pk_campaign=77&pk_kwd=MRV") == -1 &&
                            url.indexOf("https://guiabbimovel.labbs.com.br/?pk_campaign=86&pk_kwd=MRV") == -1 &&
                            url.indexOf("https://guiabbimovel.labbs.com.br/?pk_campaign=90&pk_kwd=MRV") == -1 &&
                            url.indexOf("https://guiabbimovel.labbs.com.br/?pk_campaign=108&pk_kwd=MR") == -1 &&
                            url.indexOf("https://guiabbimovel.labbs.com.br/?pk_campaign=82&pk_kwd=MRV") == -1 &&
                            url.indexOf("https://guiabbimovel.labbs.com.br/?pk_campaign=87&pk_kwd=MRV") == -1 &&
                            url.indexOf("https://guiabbimovel.labbs.com.br/?pk_campaign=76&pk_kwd=MRV") == -1 &&
                            url.indexOf("https://guiabbimovel.labbs.com.br/?pk_campaign=85&pk_kwd=MRV") == -1 &&
                            url.indexOf("https://guiabbimovel.labbs.com.br/?pk_campaign=119&pk_kwd=MR") == -1 &&
                            url.indexOf("https://guiabbimovel.labbs.com.br/?pk_campaign=91&pk_kwd=MRV") == -1 &&
                            url.indexOf("https://guiabbimovel.labbs.com.br/?pk_campaign=106&pk_kwd=MR") == -1 &&
                            url.indexOf("https://guiabbimovel.labbs.com.br/?pk_campaign=72&pk_kwd=MRV") == -1 &&
                            url.indexOf("https://www.youtube.com/watch?v=wunN2LQ1dXY&feature=youtu.be") == -1 &&
                            url.indexOf("https://youtu.be/y8NAt27VPds") == -1 &&
                            url.indexOf("https://youtu.be/wunN2LQ1dXY") == -1 &&
                            url.indexOf("http://www.promocaotorcidabrasil.com.br") == -1 &&
                            url.indexOf("http://www.vitrineourocard.com.br/") == -1 &&
                            url.indexOf("https://www.cartaoelo.com.br/eloofertas/") == -1 &&
                            url.indexOf("https://www.visa.com.br") == -1 &&
                            url.indexOf("https://www.mastercard.com.br") == -1 &&
                            url.indexOf("https://youtu.be/kqWs8fBgA0c") == -1 &&
                            url.indexOf("https://www.youtube.com/watch?v=O21ktz0Dfs4&t=0s&index=2&lis") == -1 &&
                            url.indexOf("http://blog.bbprevidencia.com.br/") == -1 &&
                            url.indexOf("http://www.pensefuturo.com.br/") == -1 &&
                            url.indexOf("http://agrobot.labbs.com.br/") == -1 &&
                            url.indexOf("https://www.youtube.com/bancodobrasil/supermae") == -1 &&
                            url.indexOf("https://recompensasdigitais.com.br/") == -1 &&
                            url.indexOf("https://www.bbseguros.com.br/seguradora/servicos/rede-benefi") == -1 &&
                            url.indexOf("https://www.bbseguros.com.br/seguradora/servicos/sinistro/") == -1 &&
                            url.indexOf("https://www.bbseguros.com.br/seguradora/atendimento/duvidas-") == -1 &&
                            url.indexOf("https://www.bbseguros.com.br/seguradora/quem-somos/noticias/") == -1
                        ){
                            cont = url.length;
                            for(var i=0;i<=cont;i++) {
                                if(url.substring(i,i+1).indexOf("&") != -1){
                                    url = url.replace("&","@");
                                }
                            }
                            //alert("vai ser popup \n :"+$(this).attr("realHref"));
                            PopUpLinks('/portalbb/jsp/home/inst/inc/popUpLinksExt.jsp?idioma=1&end='+url,'popUp','566','482',0);
                            url = "";
                            return false;
                        }else{
                            //if($(this).attr("realHref") != 'https://www.bancodobrasilseguridade.com.br'){
                            //alert("Vou acessar >>> \n "+$(this).attr("realHref"));
                            if($(this).attr("realHref") != ''){
                                document.location = $(this).attr("realHref");
                                return false;
                            }else{
                                return false;
                            }
                        }
                    });
                }
            } // end undef...
        });
    });
}
// Customizations for resolutions below 1024.
if(getDimencoesJanela().largura <= 1024){
    pesona1024();
}
</script>

<script type="text/javascript" language="JavaScript">
function init2(){
    if (window == window.top) {
        var links = document.getElementsByTagName("a");
        var idioma = "1";
        var uri = location.href;
        var temTermo = false;
        for(var i=0;i<links.length;i++) {
            if (links[i].href != ""){
                url = links[i].href;
                if(
                    links[i].href.indexOf("/appbb/portal/
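
Added example (not the report's and not the bank's code): a Python routine showing how a scanner arrives at a "suspicious comments" finding like the one above. It pulls HTML comments and, with a small tokenizer that skips string literals so that `//` inside a URL or quoted text is not mistaken for a comment, the line and block comments from every inline script, then flags any comment that mentions a keyword such as todo, fixme, hack, debug, admin or password as a whole word. The keyword list and the sample response are constructed; regex literals in JavaScript are not handled by the tokenizer.

```python
"""Extract HTML and JavaScript comments from a response and flag suspicious ones.
Added example; keyword list and sample response are constructed."""
import re

KEYWORDS = ("todo", "fixme", "hack", "xxx", "bug", "debug", "admin", "password", "senha")
SCRIPT_RE = re.compile(r"<script\b[^>]*>(.*?)</script>", re.S | re.I)
HTML_COMMENT_RE = re.compile(r"<!--(.*?)-->", re.S)


def js_comments(src):
    """Walk JavaScript source and return [(kind, text)] for // and /* */ comments.
    String literals are skipped so '//' inside a URL is not taken as a comment."""
    out, i, n = [], 0, len(src)
    while i < n:
        c = src[i]
        if c in "\"'`":
            j = i + 1
            while j < n and src[j] != c:
                j += 2 if src[j] == "\\" else 1  # skip escaped characters
            i = j + 1
        elif src.startswith("//", i):
            j = src.find("\n", i)
            j = n if j == -1 else j
            out.append(("js-line", src[i + 2:j].strip()))
            i = j
        elif src.startswith("/*", i):
            j = src.find("*/", i + 2)
            j = n if j == -1 else j
            out.append(("js-block", src[i + 2:j].strip()))
            i = j + 2
        else:
            i += 1
    return out


def extract_comments(html):
    """HTML comments outside scripts first, then comments of each inline script."""
    without_scripts = SCRIPT_RE.sub("", html)
    comments = [("html", m.group(1).strip()) for m in HTML_COMMENT_RE.finditer(without_scripts)]
    for script in SCRIPT_RE.findall(html):
        comments.extend(js_comments(script))
    return comments


def suspicious_comments(html):
    """[(kind, text, [matched keywords])] for comments containing a keyword as a whole word."""
    flagged = []
    for kind, text in extract_comments(html):
        hits = [k for k in KEYWORDS if re.search(r"\b" + k + r"\b", text, re.I)]
        if hits:
            flagged.append((kind, text, hits))
    return flagged


# Constructed sample response: one HTML comment, three script comments, one string
# that merely looks like a comment.
SAMPLE_RESPONSE = """<html><head>
<!-- TODO: remove the debug endpoint before go-live -->
<script type="text/javascript">
var base = "http://www.example.com/portal/"; // base path
// var adminUrl = base + "admin"; kept for the old admin console
/* hack: temporary workaround until the menu service is fixed */
var label = '// not a comment, it is a string';
</script>
</head><body></body></html>"""

if __name__ == "__main__":
    for kind, text, hits in suspicious_comments(SAMPLE_RESPONSE):
        print(kind, hits, "->", text)
```

The "// base path" comment and the quoted string are not flagged, which is the precision a reviewer wants: the finding should point at commented-out code, leftover notes and references to privileged areas, since those are the comments that survive into production and describe what the page does not show.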
