Penetration Testing: Re: JIRA Pentest

Penetration Testing mailing list archives

Re: JIRA Pentest

From: Patrick Webster <sflist () aushack com>
Date: Thu, 20 Oct 2011 00:56:28 +1100

Check for embedded 3rd party software bugs.

E.g. http://www.osisecurity.com.au/advisories/jfreechart-path-disclosure
applies to some Atlassian products. Path disclosure ain't much but may
help you combined with other bugs.

-Patrick

On Wed, Oct 19, 2011 at 2:28 AM, Bog Witch <iambogwitch () gmail com> wrote:

All,

Is there anyone on this list with commercial JIRA pentest exposure?

Please email responses directly.

Thanks,

Bog

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------

By Date By Thread

Current thread:

JIRA Pentest Bog Witch (Oct 18)
- Re: JIRA Pentest Patrick Webster (Oct 19)
- Re: JIRA Pentest securityfocus (Oct 19)
  - Re: JIRA Pentest Bog Witch (Oct 19)