next up previous
Next: 2.3.3 Point to point Up: 2.3 What Does the Previous: 2.3.1 Client threats

2.3.2 Server threats

Threats to servers consist broadly of unauthorized modification of server data, authentication and access control to server data, and compromising a server system by exploiting bugs in the web server software.

The HTTP protocol provides several methods (for example, PUT) for writing data on a server. It is possible that some of these methods may be used for unauthorized modification of server data. Work is ongoing to address security concerns in HTTP servers.

Denis Arnaud