Server Security and Scripting

• Server-side scripting (ASP, PHP, mod_perl, CGI) uses interpreted languages (Visual Basic, PHP, sh, Perl, Tcl, Java, Python)
• Can be used by attackers to execute code on the server
• Compromise the web server (e.g. change security model)
• Compromise the database
• Compromise the host

• PreviousApplication-layer Attacks
• Contents
• NextScripting Exploitation Example

 Last change: Wednesday, June 23, 2004 4:59 pm
 Unless otherwise expressly stated, all original material on this page created by Diomidis Spinellis is licensed under a Creative Commons Attribution-Share Alike 3.0 Greece License.