Protecting Web servers from security holes in server-side includes

@article{Karro1998ProtectingWS,
  title={Protecting Web servers from security holes in server-side includes},
  author={Jared Karro and Jie Wang},
  journal={Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)},
  year={1998},
  pages={103-111}
}
  • Jared KarroJie Wang
  • Published 7 December 1998
  • Computer Science
  • Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)
This paper first investigates and analyzes security holes concerning the use of server-side includes (SSI) in some of the most used Web server software packages. We show that, by exploiting features of SSI, one could seriously compromise Web server security. For example, we demonstrate how users can gain access to information they are not supposed to see, and how attackers can crash a Web server computer by having an HTML file execute a simple program. Such attacks can be made with no trace… 

Most known vulnerabilities in Saudi Arabian web servers

To find out the all possible vulnerabilities in Saudi Arabian organizationpsilas Web servers, number of open source tools were selected and about 169 most popular Web servers of government, Financial, Academic, organizations and commercial organizations were tested.

Vulnerable Web Server Protection by Hash Based URL Transformation

  • R. Uda
  • Computer Science
    2020 54th Annual Conference on Information Sciences and Systems (CISS)
  • 2020
A protection method of vulnerable web servers by hash based URL transformation that works as an original web server while passing through HTTP communication between client computers and the actual web server.

MOST KNOWNVULNERABILITIESIN SAUDI ARABIANWEB SERVERS

To find out the all possible vulnerabilities in Saudi Arabian organization's web servers, number of open source tools were selected and about 169 most popular web servers of government, Financial, Academic, organizations and commercial organizations were tested.

References

SHOWING 1-10 OF 17 REFERENCES

sed and awk

The book introduces the primary features of the awk language and how to write simple scripts and other basic commands that parallel manual editing actions, as well as advanced commands that introduce simple programming constructs.

Applied cryptography: Protocols, algorithms, and source code in C

Firewalls and Internet Security

The 2-amino-3-bromoanthraquinone which is isolated may be used for the manufacture of dyes and is at least as pure as that obtained from purified 2- aminoanthraquin one by the process of the prior art.

Java Security: Hostile Applets

  • Holes, and Antidotes . Wiley Computer Publishing
  • 1997

The Netcraft Web Server Survey. URL http: //www.netcraft.com/survey

  • The Netcraft Web Server Survey. URL http: //www.netcraft.com/survey
  • 1997

Web Security and Commerce

  • Web Security and Commerce
  • 1997

CERT advisory 95-04: NCSA HTTP Daemon for UNIX vulnerability. URL ftp://info

  • CERT advisory 95-04: NCSA HTTP Daemon for UNIX vulnerability. URL ftp://info
  • 1995