Hacking Web Servers
- Attacks can be categorized as either a buffer overflow attack, source disclosure attack, or a file system traversal attack.
- Unicode input validation attack. Unicode was developed as a replacement to ASCII. Unlike ASCII, however, Unicode uses a 16-bit dataspace, so it can support a wide variety of alphabets, including Cyrillic, Chinese, Japanese, Arabic, and others. The source of the vulnerability is not the Unicode itself but how it is processed.
- An un-patched server can suffer a multitude of attacks that target well-known exploits and vulnerabilities. Security patches and updates are critical to ensure that the operating system and web server are running with the latest files and fixes.
Web Application Vulnerabilities
|