Read more articles in Cenzic SmartAttack Updates for Web Vulnerabilities
|
 |
| December 19, 2008 | | Cenzic provides enhanced support for the PHP Vulnerability for security bypass weakness in its Web Server SmartAttack | On December 19, 2008, Cenzic added enhanced support to their Web Server SmartAttack which includes updates to the PHP Vulnerability for security bypass weakness (BugtraqID 32673). Specifically, the updates are to the PHP 5.2.7 'magic_quotes_gpc' Security Bypass Weakness Vulnerability.
Hackers can exploit this vulnerability by bypassing security checks in PHP applications that rely on the Magic Quotes functionality. This opens such applications up to attacks that take advantage of the software's failure to properly sanitize user input.
PHP version 5.2.7 is affected. Detail information can be looked at
http://www.securityfocus.com/bid/32673/ To learn more details on how you can automatically update your Cenzic Hailstorm product, visit our Website.
Background on Cenzic’s SmartAttacks
Every week, Cenzic’s suite of products is updated with the latest vulnerabilities (custom, commercial, and open-source) to use when it emulates a hacker and attacks our customer’s Websites to detect their security posture. These Web application vulnerabilities include (but not limited to) cross site scripting, buffer overflow, path or directory traversal, SQL injection, HTTP response splitting, and other workflow types. by
Erin Swanson
ESwanson@cenzic.com | | |
|
|
