CertiGuide to Security+  9  Chapter 2:  Communication Security (Domain 2.0; 20%)       9  2.3  The Web            9  2.3.4  Vulnerabilities

Web Pages that Show Up Everywhere 1 2.3.4.1  Java Script

And finally, all together now: Web servers and browsers, just like other software programs, have implementation flaws that have either been discovered, or will almost certainly eventually be discovered. Keep the server, including the web software server itself AND ALL OTHER HELPER PROGRAMS ON THE WEB SERVER, like Perl, PHP, database interfaces, etc., up-to-date. The same goes for browser software, and its helper programs (“Macromedia Flash, anyone?”) up-to-date. We’ll say more about this in Section 3.5.3, when discussing web server hardening.

There are many other aspects of web vulnerability – too many to list here. Check the WWW Security FAQ ²¹⁴ for additional information on the vulnerabilities discussed in section 2.3.4.

The following are specific areas of web vulnerability that you should know about for Security+.

Web Pages that Show Up Everywhere 1 2.3.4.1  Java Script