SecurityWeek

Identity & Access

Internet-Exposed Sphinx Servers at Risk of Attacks

All Sphinx servers that are exposed to the Internet are prone to abuse by cybercriminals, as they can be accessed by anyone, CERT-Bund warns.


An open source search engine often used as a backend for web applications, Sphinx is popular among e-commerce developers and merchants due to fast full-text search capabilities, integration with popular database management systems, and support for a range of programming languages.

The issue with any Sphinx server, however, is that in the default configuration the searchd daemon listens on all network interfaces on two ports: 9306/TCP (SphinxQL, which speaks the MySQL wire protocol) and 9312/TCP (the native binary SphinxAPI protocol). Unless the host has a firewall in front of it, both ports are reachable from anywhere the host is.

Because searchd has no authentication mechanism on either port, any Sphinx server that is openly accessible from the Internet could be abused by attackers to read, modify or delete any data stored in the Sphinx indexes, Germany’s CERT-Bund points out.

One can check whether a Sphinx server is accessible from the Internet by running ‘netcat’ (for example ‘nc -v HOST 9306’) from a machine outside the local network against the public IP address of the host. If the server is exposed and the connection is established, the SphinxQL listener on 9306/TCP immediately returns a MySQL-style handshake that includes the server version string; the SphinxAPI listener on 9312/TCP answers with a short binary protocol-version greeting instead.

To keep Sphinx servers secure, one simply needs to ensure they are not reachable from the Internet. Admins should restrict access to the Sphinx server to trusted systems (the web application hosts that actually query it) and should block any incoming connections from the Internet to ports 9306/TCP and 9312/TCP at the firewall.

“If both the Web and Sphinx servers are running on the same system, the Sphinx server should only listen on the localhost interface,” Germany’s Computer Emergency Response Team also notes.
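The localhost binding CERT-Bund recommends is a one-line change in the searchd section of sphinx.conf. The fragment below is an added example, not text from the advisory: the first pair of listen directives is the default, which binds every interface; the second pair binds only the loopback interface, which is the right choice when the web application and searchd share a host. The private address 10.0.0.5 in the last variant is an assumed example for a dedicated search host that must still be reachable from application servers on the same internal network.

```conf
searchd
{
    # DEFAULT (weak): no address given, so searchd binds 0.0.0.0 on both ports
    # and anyone who can route to the host can query, insert into or delete
    # from the indexes with no credentials.
    #listen = 9312
    #listen = 9306:mysql41

    # HARDENED: web server and searchd on the same machine -> loopback only.
    listen = 127.0.0.1:9312
    listen = 127.0.0.1:9306:mysql41

    # ALTERNATIVE (assumed internal address): dedicated search host reached by
    # application servers over a private network. Bind the private interface
    # only and still block 9306/9312 from the Internet at the firewall.
    #listen = 10.0.0.5:9312
    #listen = 10.0.0.5:9306:mysql41
}
```

After changing the directives, restart searchd and re-run the external netcat check; the connection should now be refused or time out.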


Written By

Ionut Arghire is an international correspondent for SecurityWeek.
