http://blog.cenzic.com/public/blog/202612Latest web application vulnerabilities integrated into the Cenzic product suite. <p>This blog features the latest vulnerabilities in web / website applications (custom, commercial, and open-source) that have been integrated into the Cenzic's website security product suite on a weekly basis. These web application vulnerabilities include cross site scripting, buffer overflow, path or directory traversal, SQL injection, HTTP response splitting, and other workflow types.</p> en-usCopyright (C) 2009 Cenzic, Inc--All Rights Reserved -- This channel is part of the Cenzic Security Blog blogsite--Powered by MyST Blogsite®.Thu, 01 May 2008 13:00:50 -0400Fri, 27 Aug 2010 15:36:27 -0400MySmartChannels V3.0 (MyST Web Service Platform V6.00.0828)http://blog.cenzic.com/styles/blogsite/Cenzic/images/rss.jpg3188http://blog.cenzic.com/public/blog/202612This blogsite contains information on all security topics ranging from web application security, security software, vulnerabilities, enterprise security, penetration testing and hacker news. Cross site request forgeryCSRFCross site ScriptingXSSBuffer overflowSession managementSession ID randomnessPrivilege escalationSession hijackingSQL Injection http://blog.cenzic.com/public/item/258843Weekly product update – Cenzic detects a PHP Buffer Overflow Vulnerability<p>As of August 27, 2010 Cenzic now detects a <a title="PHP Buffer Overflow Vulnerability" href="http://www.securityfocus.com/bid/42516/info" target="_blank"><strong><u>PHP 'ibase_gen_id()' Function off-by-one Buffer Overflow Vulnerability</u></strong></a> (<strong>BugtraqID 42516</strong>).&nbsp; PHP is prone to an off-by-one buffer-overflow vulnerability because it fails to perform boundary checks before copying user-supplied data to insufficiently sized memory buffers.&nbsp;&nbsp; A hacker can exploit this issue to execute arbitrary machine code in the context of the PHP process.&nbsp; Failed exploit attempts will likely crash the web server, denying service to legitimate users.&nbsp; <strong>PHP 5.3.3 is vulnerable</strong>; other versions may also be affected.</p> <p><strong>Background on Cenzic&rsquo;s SmartAttacks</strong><br />Every week, Cenzic&rsquo;s suite of products is updated with the latest vulnerabilities (custom, commercial, and open-source) to better detect &quot;holes&quot; in Web applications.&nbsp; These Web application vulnerabilities include (but not limited to) cross site scripting, buffer overflow, path or directory traversal, SQL injection, HTTP response splitting, and other workflow types.</p> <p>by<br /><strong>Erin Swanson<br /></strong><a href="mailto:Eswanson@cenzic.com"><strong><u>Eswanson@cenzic.com</u></strong></a></p><h3>See Also</h3><ul><li><a href="http://www.securityfocus.com/bid/42516/info" target=%quot;_blank%quot;>PHP 'ibase_gen_id()' Function off-by-one Buffer Overflow Vulnerability</a><br/>Learn more about this vulnerability on Security Focus</li></ul>http://blog.cenzic.com/public/item/258843Fri, 27 Aug 2010 15:35:06 -0400 buffer overflowbuffer overflow vulnerability http://blog.cenzic.com/public/item/258357Weekly product update – Cenzic detects a Sun Java System Denial of Service Vulnerability <p><img hspace="10" alt="Cenzic SmartAttack Update for Aug 20, 2010" vspace="10" align="right" src="http://www.cenzic.com/images/blog/binary_crossword.jpg" />As of August 20, 2010 Cenzic now detects a <a title="Sun Java System Web Server Admin Interface Denial of Service Vulnerability" href="http://www.securityfocus.com/bid/41389/info" target="_blank"><strong><u>Sun Java System Web Server Admin Interface Denial of Service Vulnerability</u></strong></a> (<strong>BugtraqID 41389</strong>).&nbsp; Sun Java System Web Server is prone to a denial-of-service vulnerability.&nbsp; An attacker can exploit this issue to crash the affected application, denying service to legitimate users. Sun Java System Web Server 7.0 Update 7 is affected; other versions may also be vulnerable.</p> <p><strong>Background on Cenzic&rsquo;s SmartAttacks<br /></strong>Every week, Cenzic&rsquo;s suite of products is updated with the latest vulnerabilities (custom, commercial, and open-source) to better detect &quot;holes&quot; in Web applications.&nbsp; These Web application vulnerabilities include (but not limited to) cross site scripting, buffer overflow, path or directory traversal, SQL injection, HTTP response splitting, and other workflow types.</p> <p>by<br /><strong>Erin Swanson<br /></strong><a href="mailto:Eswanson@cenzic.com"><strong><u>Eswanson@cenzic.com</u></strong></a></p><h3>See Also</h3><ul><li><a href="http://www.securityfocus.com/bid/41389/info" target=%quot;_blank%quot;>Sun JAVA System Denial of Service Vulnerability</a><br/>Learn more about this vulnerability on Security Focus</li></ul>http://blog.cenzic.com/public/item/258357Fri, 20 Aug 2010 15:32:42 -0400 denial of service vulnerability http://blog.cenzic.com/public/item/257785Weekly product update – Cenzic adds 107th SmartAttack: Unrestricted File Upload<p><img hspace="10" alt="Unrestricted File Upload" vspace="10" align="right" src="http://www.cenzic.com/images/blog/smartattack_file-upload.jpg" />As of August 13, 2010 Cenzic created a brand new SmartAttack, <strong>Unrestricted File Upload</strong>, bringing the total attack category library to <strong>107</strong>.&nbsp; The new SmartAttack checks various flaws present in the &quot;file upload&quot; functionality. Presence of these flaws may result in various attacks like Cross-Site Scripting, Malware hosting, etc. </p> <p>Along in this weekly product update, Cenzic can also detect <a title="PHP Multiple Vulnerabilities" href="http://www.securityfocus.com/bid/41991/references" target="_blank"><strong><u>PHP Multiple Vulnerabilities like Remote Code Execution, Unauthorized Access Attacks</u></strong></a> (<strong>BugtraqID 41991</strong>).&nbsp; PHP is prone to multiple security vulnerabilities that an attacker can exploit to execute arbitrary code, crash the affected application, gain access to sensitive information, and bypass security restrictions.&nbsp; Other attacks are also possible.&nbsp; Versions PHP 5.3 (Prior to 5.3.3) and PHP 5.2 (Prior to 5.2.14) are affected.</p> <p><strong>Background on Cenzic&rsquo;s SmartAttacks</strong><br />Every week, Cenzic&rsquo;s suite of products is updated with the latest vulnerabilities (custom, commercial, and open-source) to better detect &quot;holes&quot; in Web applications.&nbsp; These Web application vulnerabilities include (but not limited to) cross site scripting, buffer overflow, path or directory traversal, SQL injection, HTTP response splitting, and other workflow types.</p> <p>by<br /><strong>Erin Swanson<br /></strong><a href="mailto:Eswanson@cenzic.com"><strong><u>Eswanson@cenzic.com</u></strong></a></p><h3>See Also</h3><ul><li><a href="http://www.securityfocus.com/bid/41991/references" target=%quot;_blank%quot;>PHP Multiple Vulnerabilities like Remote Code Execution, Unauthorized Access Attacks</a><br/>Learn more about this vulnerability on Security Focus</li></ul>http://blog.cenzic.com/public/item/257785Fri, 13 Aug 2010 14:22:36 -0400 php vulnerabilities http://blog.cenzic.com/public/item/257276Weekly product update: Cenzic detects an Apache Information Disclosure Vulnerability & updates 1 SmartAttack™<p>As of August 6, 2010 Cenzic now detects an <a title="Apache Information Disclosure Vulnerability" href="http://www.securityfocus.com/bid/42102/info" target="_blank"><strong><u>Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability</u></strong></a> (<strong>BugtraqID 42102</strong>). &nbsp;Attackers can leverage this issue to gain access to sensitive information that can aid in further attacks.&nbsp; Apache 2.2.9 on Unix is vulnerable.</p> <p>We also enhanced our <strong>Session ID in URL SmartAttack</strong> so it can detect session ids that are stored in unconventional ways (e.g. in a URL path parameter).&nbsp; This enhancement enables the SmartAttack to perform more accurately.</p> <p><strong>Background on Cenzic&rsquo;s SmartAttacks</strong><br />Every week, Cenzic&rsquo;s suite of products is updated with the latest vulnerabilities (custom, commercial, and open-source) to better detect &quot;holes&quot; in Web applications.&nbsp; These Web application vulnerabilities include (but not limited to) cross site scripting, buffer overflow, path or directory traversal, SQL injection, HTTP response splitting, and other workflow types.</p> <p>by<br /><strong>Erin Swanson<br /></strong><a href="mailto:Eswanson@cenzic.com"><strong><u>Eswanson@cenzic.com</u></strong></a></p><h3>See Also</h3><ul><li><a href="http://www.securityfocus.com/bid/42102/info" target=%quot;_blank%quot;>Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability</a><br/>Learn more about this vulnerability on Security Focus</li></ul>http://blog.cenzic.com/public/item/257276Fri, 06 Aug 2010 17:55:10 -0400 information disclosure vulnerability