Leveraging Platform Weaknesses
Information in this chapter:
• Find Flaws in Application Frameworks
• Attack System & Network Weaknesses
• Secure the Application’s Architecture
In July 2001 a computer worm named Code Red squirmed through web servers running Microsoft IIS (http://www.cert.org/advisories/CA-2001-19.html). It was followed a few months later by another worm called Nimda (http://www.cert.org/advisories/CA-2001-26.html). The advent of two high-risk vulnerabilities so close to each other caused sleepless nights for system administrators and ensured profitable consulting engagements for the security industry. Yet the wide spread ...