Read more articles in Cenzic SmartAttack Updates for Web Vulnerabilities
|
 |
| May 29, 2009 | | An Apache Security Bypass Vulnerability is now detectable in the Cenzic Web Server SmartAttack | As of May 29, 2009, Cenzic can detect the Apache ‘Options’ & ‘AllowOverride’ Directives Security Bypass Vulnerability (BugtraqID 35115). The Apache HTTP server is prone to a security-bypass vulnerability related to the handling of specific configuration directives. An attacker may exploit this issue to execute arbitrary code within the context of the Web server process. This may result in elevated privileges or aid in further attacks. Background on Cenzic’s SmartAttacks
Every week, Cenzic’s suite of products is updated with the latest vulnerabilities (custom, commercial, and open-source) to better detect "holes" in Web applications. These Web application vulnerabilities include (but not limited to) cross site scripting, buffer overflow, path or directory traversal, SQL injection, HTTP response splitting, and other workflow types. by
Erin Swanson
Eswanson@cenzic.com | | |
|
|
