Read more articles in Cenzic SmartAttack Updates for Web Vulnerabilities
|
 |
| January 30, 2009 | | The PHP File Corruption Vulnerability is now supported in the Cenzic Web Server SmartAttack | As of January 30, 2009, Cenzic now protects against the PHP 'dba_replace() 'File Corruption Vulnerability (BugtraqID ID 33498). PHP is prone to a vulnerability that allows attackers to corrupt a database file. This issue occurs because the application fails to validate user-supplied input. Successfully exploiting this issue may result in a denial-of-service condition and the loss of data. PHP version 5.2.6 is affected.
Background on Cenzic’s SmartAttacks
Every week, Cenzic’s suite of products is updated with the latest vulnerabilities (custom, commercial, and open-source) to use when it emulates a hacker and attacks our customer’s Websites to detect their security posture. These Web application vulnerabilities include (but not limited to) cross site scripting, buffer overflow, path or directory traversal, SQL injection, HTTP response splitting, and other workflow types. by
Erin Swanson
Eswanson@cenzic.com | | |
|
|
