Web application vulnerabilities are something that every programming
language expert or web development company is susceptible to at one
point or another. PHP, the most popular choice among website
designers, is no exception and has in many instances suffered from
web application attacks. Apart from the poor programming approaches
that often contribute to such attacks, there are also a few other
vulnerabilities, which can be summed up as follows:
Remote Code Execution: Improper Coding Leads to It
Remote code execution allows an attacker to run arbitrary, system-level code on a vulnerable server. By doing so, the attacker can retrieve any information stored on that server. Even if such a vulnerability can't be discovered during penetration testing assignments, it becomes prominent during a source code review.
Exploiting register globals in PHP and the XMLRPC for PHP vulnerabilities are two very common examples that fall under the highly critical category. phpBB, Invision Board, cPanel, PayPal cart, Drupal, and many others were previously attacked this way.
SQL Injection: Old yet Popular Approach
With this old approach, attackers can retrieve important information from the database of a web server. The impact of this form of attack varies: basic information disclosure, remote code execution, or total system compromise can all be the result. Its severity ranges from moderate to highly critical, and PHPNuke, MyBB, Mambo CMS, ZenCart and osCommerce were previously attacked by it.
Format String Vulnerabilities
Using unfiltered user input as the format string parameter in certain Perl or C functions that perform formatting may result in this vulnerability. According to the studies of a popular web development company, some of the ways a malicious user may create such a threat include:
Use the %s and %x format tokens
Write arbitrary data to arbitrary locations using the %n format token
Format string vulnerabilities fall into three categories: denial of service, reading, and writing. This vulnerability may be either moderate or highly critical and has already affected products like McAfee AV, Usermin, Webmin, various Apache modules, WinRAR, ettercap, and others.
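The C sketch below is an added example, not code from the original article. It shows the fixed call, with the untrusted text passed as an argument to a constant format string, next to a scanner that counts the reading (%s, %x) and writing (%n) tokens in a piece of input. The names `scan_format_directives` and `format_log_line` and the sample string are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Counts of printf-style directives found in a piece of untrusted text. */
struct fmt_scan {
    int reads;   /* directives that read an argument: %s, %x, %d, ... */
    int writes;  /* %n directives, which store a count through a pointer */
};

/* Walk the text the way printf would: "%%" is a literal percent sign,
 * flag/width/precision/length characters are skipped, and the conversion
 * character decides whether the directive reads or writes. */
struct fmt_scan scan_format_directives(const char *s)
{
    struct fmt_scan r = {0, 0};
    while (*s) {
        if (*s++ != '%')
            continue;
        if (*s == '%') { s++; continue; }
        s += strspn(s, "-+ #0123456789.*$hlLqjzt");
        if (*s == '\0')
            break;                       /* text ended on a dangling '%' */
        if (*s == 'n')
            r.writes++;
        else if (strchr("diouxXeEfFgGaAcsp", *s))
            r.reads++;
        s++;
    }
    return r;
}

/* Fixed form: the format string is a constant and the untrusted text is an
 * argument, so its '%' characters are copied and never interpreted.
 * The vulnerable form is the same call with the input in the format
 * position: snprintf(out, n, user_input); */
int format_log_line(char *out, size_t n, const char *user_input)
{
    return snprintf(out, n, "login failed for user: %s", user_input);
}

int main(void)
{
    const char *sample = "%x%x%08x %s %n 100%% ok";   /* constructed input */
    struct fmt_scan r = scan_format_directives(sample);
    char line[128];
    format_log_line(line, sizeof line, sample);
    printf("reads=%d writes=%d\n%s\n", r.reads, r.writes, line);
    return 0;
}
```

Building with `-Wformat -Wformat-security` makes GCC and Clang warn about the vulnerable form, where a non-literal string is passed as the format with no arguments.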
Cross Site Scripting
This happens when a visitor clicks on a URL that seems legitimate at first glance. Once the URL is accessed, an attacker can effectively execute something malicious in the victim's browser. Its effect can be less to moderately critical. Microsoft IIS web server, Yahoo Mail, Squirrel Mail, Google search, etc. have previously suffered from such cross-site scripting.
Username Enumeration
A backend validation script tells the attacker whether the supplied username is correct, and thus helps the attacker experiment with different usernames. Compared to the other four vulnerabilities, this has proven to be less critical. So far it has affected the Nortel Contivity VPN client, Juniper Netscreen VPN, and Cisco IOS [telnet].
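The following added example, which is not part of the original article, puts a validation routine that reveals whether a username exists beside one that answers every failure the same way. The account table, the verifier strings (stand-ins for real password hashes) and all function names are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed account table. "verifier" stands in for the stored output of
 * a real salted password hash; "presented" is the same hash of the input. */
struct account { const char *user; const char *verifier; };
static const struct account ACCOUNTS[] = {
    { "alice", "v1:constructed-verifier-a" },
    { "bob",   "v1:constructed-verifier-b" },
};
static const char DUMMY_VERIFIER[] = "v1:constructed-verifier-0";

/* Compare every byte instead of stopping at the first difference. */
static int equal_ct(const char *a, const char *b)
{
    size_t la = strlen(a), lb = strlen(b), n = la > lb ? la : lb;
    unsigned char diff = (unsigned char)(la != lb);
    for (size_t i = 0; i < n; i++)
        diff |= (unsigned char)((i < la ? a[i] : 0) ^ (i < lb ? b[i] : 0));
    return diff == 0;
}

static const struct account *find_account(const char *user)
{
    for (size_t i = 0; i < sizeof ACCOUNTS / sizeof ACCOUNTS[0]; i++)
        if (strcmp(ACCOUNTS[i].user, user) == 0)
            return &ACCOUNTS[i];
    return NULL;
}

/* Enumerable: the reply separates "no such user" from "bad password". */
const char *login_enumerable(const char *user, const char *presented)
{
    const struct account *a = find_account(user);
    if (!a) return "unknown username";
    return equal_ct(a->verifier, presented) ? "ok" : "wrong password";
}

/* Uniform: one failure message; the comparison also runs for unknown users. */
const char *login_uniform(const char *user, const char *presented)
{
    const struct account *a = find_account(user);
    int ok = equal_ct(a ? a->verifier : DUMMY_VERIFIER, presented);
    return (a && ok) ? "ok" : "invalid username or password";
}

int main(void)
{
    printf("%s | %s\n", login_enumerable("mallory", "x"), login_uniform("mallory", "x"));
}
```

The same uniform reply is needed on every path that takes a username, such as registration and password reset, or the account list can still be probed there.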