March 02, 2009

The IBM WebSphere Application Server Cluster Configuration File Information Disclosure Vulnerability is now supported in the Cenzic Web Server SmartAttack

As of February 27, 2009, Cenzic protects against the IBM WebSphere Application Server Cluster Configuration File Information Disclosure Vulnerability (BugtraqID 33905). The IBM WebSphere Application Server is prone to an information-disclosure vulnerability because it fails to properly conceal sensitive configuration data. Exploiting this vulnerability allows hackers to access sensitive information that can aid in further attacks. WebSphere Application Server 6.1.2 and 6.2 are vulnerable.

Background on Cenzic's SmartAttacks

Every week, Cenzic's suite of products is updated with the latest vulnerabilities (custom, commercial, and open-source) to use when it emulates a hacker and attacks our customers' Websites to detect their security posture. These Web application vulnerabilities include (but are not limited to) cross-site scripting, buffer overflow, path or directory traversal, SQL injection, HTTP response splitting, and other workflow types.

by Erin Swanson
Eswanson@cenzic.com