Web App Security

Re: out of box scanner

Thu, 26 Nov 2009 22:07:31 GMT

Posted by Brian Shura on Nov 26

The Web Application Security Scanner Evaluation Criteria provides
guidance on features that should be considered when evaluating scanners
and advice on conducting an evaluation. I agree with Jon that obtaining
evaluation licenses for these scanners and running them against a sample
of your actual web applications will give you the best idea of which
product best meets your needs....

Re: out of box scanner

Thu, 26 Nov 2009 09:45:16 GMT

Posted by Jon Kibler on Nov 26

John Bennett wrote:

Do a fly-off in your environment. Each will give you 15-day demos. Run the demos
concurrently so that you can compare and contrast results. If a scanner vastly
under-preforms one of the competitors, contact their tech reps because you most
likely have something misconfigured.

Pick the scanner that finds the most non-false positives that the other scanners
miss, has the least false negatives, best fits your working...

out of box scanner

Thu, 26 Nov 2009 06:42:29 GMT

Posted by John Bennett on Nov 25

I'm currently evaluating some commercial scanners and wanted to get a
feel for others experiences with appscan/cenzic/webinspect. Any
gotcha's with any of these products and can anybody recommend one over
the other?

thanks,
John

This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!...

Replicating the Gonzalez Cyber Attacks through Penetration Testing

Sat, 21 Nov 2009 00:27:10 GMT

Posted by Core Security on Nov 20

--------------------------------------------------------------------------------
YOU'RE INVITED: IT SECURITY ON DEMAND WEBCAST

"Replicating the Gonzalez Cyber Attacks through Penetration Testing"
Register: http://www.coresecurity.com/Form/generic/campaign/SecurityFocusGonzalez
---------------------------------------------------------------------------------

Recently, we saw the indictment of cybercrime kingpin Albert Gonzalez, one...

winAUTOPWN 2.0 - Introducing winAUTOPWN GUI - Now you can sleep

Tue, 03 Nov 2009 22:27:05 GMT

Posted by QUAKER DOOMER on Nov 03

Dear all,

After a long break and a lot of Unpolished SITA releases of the previous version,
I am finally releasing winAUTOPWN version 2.0

winAUTOPWN or WINDOWS AUTOPWN version 2.0 now has a GUI (winAUTOPWN_GUI.exe) to initiate the main
console winAUTOPWN.exe
winAUTOPWN now supports all console arguments which can also be fed interactively.
This version covers almost all remote exploits from 2009 start uptill October 2009. Though a few are...

[AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS

Fri, 16 Oct 2009 23:45:07 GMT

Posted by Michele Orru on Oct 16

Eclipse BIRT <= 2.2.1 Reflected XSS

Vendor: Eclipse
Advisory: http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss/
Author: Michele "euronymous" Orrù (euronymous AT antisnatchor DOT com)

Quite a common problem in a lot of Java based applications: reflected
XSS in Java stack trace.

A Reflected XSS is present in the _report parameter: here below the modified
request (that is the BIRT 2.2.1 version included in Konakart...

Snitz Forums 2000 Multiple Cross-Site Scripting Vulnerabilities

Fri, 16 Oct 2009 22:53:04 GMT

Posted by Andrea Fabrizi on Oct 16

**************************************************************
Application: Snitz Forums 2000
Version affected: 3.4.07
Website: http://forum.snitz.com/
Discovered By: Andrea Fabrizi
Email: andrea.fabrizi () gmail com
Web: http://www.andreafabrizi.it
Vuln: Multiple Cross-Site Scripting
**************************************************************

###### PERMANENT XSS
If [sound] tag is allowed:

[sound]...

[BONSAI] XSS in Achievo - Customized XSS payload included

Fri, 16 Oct 2009 22:17:07 GMT

Posted by Bonsai - Information Security on Oct 16

Bonsai Information Security - Advisory
http://www.bonsai-sec.com/research/

Multiple XSS in Achievo

1. *Advisory Information*

Title: Multiple XSS in Achievo
Advisory ID: BONSAI-2009-0101
Advisory URL: http://www.bonsai-sec.com/research/vulnerabilities/achievo-multiple-xss-0101.txt
Date published: 2009-10-13
Vendors contacted: Achievo
Release mode: Coordinated release

2. *Vulnerability Information*...

WASC Announcement: 2008 Web Application Security Statistics Published

Fri, 16 Oct 2009 22:16:06 GMT

Posted by announcements on Oct 16

The Web Application Security Consortium (WASC) is pleased to announce
the WASC Web Application Security Statistics Project 2008. This
initiative is a collaborative industry wide effort to pool together
sanitized website vulnerability data and to gain a better understanding
about the web application vulnerability landscape.

The statistics was compiled from web application security assessment
projects which were made by the following companies in...

[AntiSnatchOr] Pentaho Bi-server multiple vulnerabilities

Fri, 16 Oct 2009 22:12:01 GMT

Posted by Michele Orru on Oct 16

Pentaho 1.7.0.1062 Multiple Vulnerabilities

Name Multiple Vulnerabilities in Pentaho
Systems Affected Pentaho <= 1.7.0.1062
Severity High
Impact (CVSSv2) High 7/10, vector: (AV:N/AC:L/Au:S/C:P/I:C/A:P)
Vendor http://www.pentaho.com
Advisory http://antisnatchor.com/2009/06/20/pentaho-1701062-multiple-vulnerabilities/
Authors Michele "euronymous" Orrù (euronymous AT antisnatchor DOT com)

Date 20081224

I. BACKGROUND...

[BONSAI] SQL Injection in Achievo

Fri, 16 Oct 2009 22:07:41 GMT

Posted by Bonsai - Information Security on Oct 16

Bonsai Information Security - Advisory
http://www.bonsai-sec.com/research/

SQL Injection in Achievo

1. *Advisory Information*

Title: SQL Injection in Achievo
Advisory ID: BONSAI-2009-0102
Advisory URL: http://www.bonsai-sec.com/research/vulnerabilities/achievo-sql-injection-0102.txt
Date published: 2009-10-13
Vendors contacted: Achievo
Release mode: Coordinated release

2. *Vulnerability Information*...

WASC Announcement: Announcing the Web Application Security Scanner Evaluation Criteria v1

Thu, 08 Oct 2009 23:47:33 GMT

Posted by announcements on Oct 08

The Web Application Security Consortium is pleased to announce the release
of version 1 of the Web Application Security Scanner Evaluation Criteria
(WASSEC). The goal of the WASSEC project is to create a vendor-neutral
document to help guide information security professionals during web
application scanner evaluations. The document provides a comprehensive list
of features that should be considered when conducting an evaluation. The
WASSEC...

FBController - (Facebook Control Utility) version 2.0

Wed, 16 Sep 2009 04:23:07 GMT

Posted by QUAKER DOOMER on Sep 15

FBController - The Ultimate Utility to Control Facebook accounts without the
Password.

Let me clear this again like last time that this utility WON'T hack/crack Facebook accounts.
The utility will need biscuits/cookies instead of the password.

Get the target's cookie by sniffing, XSS, social engineering, ARP Poison-Sniffing,
scroogle search, anyhow !
Once you have the cookies you can use FBController and have Full control over the
target's...

Re: How to enable LDAP signing on client side

Wed, 16 Sep 2009 04:20:31 GMT

Posted by Peter M. Jansson on Sep 15

The goal of having the server sign LDAP results would be to give
confidence in the integrity if the answers. I don't understand what
the goal of having clients sign queries would be. If you use SSL, the
client-server exchange is kept confidential (subject to some
assumptions) and client-side certificates can be used by the server to
provide access control so rogue clients can't make requests.

How to enable LDAP signing on client side

Tue, 15 Sep 2009 11:11:59 GMT

Posted by Jianrong Yu on Sep 15

Hi All,

The link <http://support.microsoft.com/kb/935834> is the step the How to
enable LDAP signing in Windows Server 2008.

How to enable LDAP signing on client side?

Thanks,

Jianrong Yu
Systems Operation
Office of Information technology
Ohio University