Read more articles in Cenzic SmartAttack Updates for Web Vulnerabilities
|
 |
| March 06, 2009 | | The Apache Tomcat POST Data Information Disclosure Vulnerability is now supported in the Cenzic Web Server SmartAttack | As of March 6, 2009, Cenzic now protects against the Apache Tomcat POST Data Information Disclosure Vulnerability. (BugtraqID 33913). Apache Tomcat is prone to a remote information-disclosure vulnerability. Remote attackers can exploit this issue to obtain sensitive data stored on the server which can lead to further attacks. Additionally, Cenzic updated its attack library to enable Hailstorm users to control the number of injections performed by each Fault Injector SmartAttack on each field in the Web Appliacation at a granular level.
Background on Cenzic’s SmartAttacks
Every week, Cenzic’s suite of products is updated with the latest vulnerabilities (custom, commercial, and open-source) to use when it emulates a hacker and attacks our customer’s Websites to detect their security posture. These Web application vulnerabilities include (but not limited to) cross site scripting, buffer overflow, path or directory traversal, SQL injection, HTTP response splitting, and other workflow types. by
Erin Swanson
Eswanson@cenzic.com | | |
|
|
