|
|
|
Cenzic SmartAttack Software Updates |
Si vous voulez bloquer ce service sur vos fils RSS
Si vous voulez nous contacter ou nous proposer un fil RSS
Menu > Articles de la revue de presse : - l'ensemble [ tous | francophone] - par mots clé [ tous] - par site [ tous] - le tagwall [ voir] - Top bi-hebdo de la revue de presse [ Voir]
Présentation : Cenzic includes software patches along with its weekly SmartAttack product update This October 16 weekly product update includes an additional software patch with the SmartAttack update. This list below outlines the software patch details made to the test engine browser component of Cenzic Hailstorm Improved support for hidden form fields in Proxy IE traversals Improved reliability when using Proxy IE traversals Automatic scrolling on the browser window to show CAPTCHA image when prompting for CAPTCHA value Improved support for binary and octet-stream POST data Fixed problem which could result in a duplicated HTTP Content-type header Fixed problem which could cause an excessively large HTTP response to cause the assessment to end prematurely Improved spidering on pages containing SWF content Fixed problem where domain server of starting URL was incorrect when a Proxy Auto Configuration file was being used Fixed problem in Proxy IE traversals if certain HTTP headers such as Content-type were not of the expected case eg. content-type Fixed problem which could cause some pages in an IE traversal to not load or behave correctly Fixed problem which could cause an occasional crash of the Mozilla browser component Cenzic SmartAttack Update Cenzic now detects an Apache HTTP Server Solaris Event Port Pollset Support Remote Denial Of Service Vulnerability BugtraqID 36596 . The Apache HTTP Server is prone to a denial-of-service vulnerability because of faulty error handling. Successful exploits may allow remote attackers to trigger denial-of-service conditions. Apache versions 2.2.0 to 2.2.13 are affected. Background on Cenzic s SmartAttacks Every week, Cenzic s suite of products is updated with the latest vulnerabilities custom, commercial, and open-source to better detect holes in Web applications. These Web application vulnerabilities include but not limited to cross site scripting, buffer overflow, path or directory traversal, SQL injection, HTTP response splitting, and other workflow types. by Erin Swanson Eswanson cenzic.com See Also Apache HTTP Server Solaris Event Port Pollset Support Remote Denial Of Service Vulnerability Learn more about this vulnerability on Security Focus
Les derniers articles du site "What's New Cenzic Security Blog" :
- Cenzic Detects an Apache Denial of Service Vulnerability - Dan Shoemaker Featured on Application Security MythBusters Series - Cenzic Detects a PHP Validation Restriction-Bypass Vulnerability - Cenzic Hailstorm 6.5 Release - Web Application Security Trends Report - RSA Conference 2010 Reception - Cenzic Detects a Sun Java System App Server HTTP TRACE Information Disclosure Vulnerability - Cenzic Detects a Sun Java System Web Server Denial Of Service Vulnerability - OWASP Feb 25 Meeting SAP, Fujitsu, PARC, Stanford, Berkeley Presenting - Cenzic Detects an IBM WAS Security Bypass Vulnerability
Menu > Articles de la revue de presse : - l'ensemble [ tous | francophone] - par mots clé [ tous] - par site [ tous] - le tagwall [ voir] - Top bi-hebdo de la revue de presse [ Voir]
Si vous voulez bloquer ce service sur vos fils RSS :
- avec iptables "iptables -A INPUT -s 88.191.75.173 --dport 80 -j DROP"
- avec ipfw et wipfw "ipfw add deny from 88.191.75.173 to any 80"
- Nous contacter par mail
| Mini-Tagwall des articles publiés sur SecuObs : | | | | sécurité, exploit, windows, microsoft, réseau, attaque, outil, vulnérabilité, audit, système, virus, internet, données, présentation, linux, metasploit, bluetooth, protocol, vista, réseaux, shell, scanner, engineering, rootkit, wishmaster, trames, conférence, source, paquet, téléphone, mobile, sysun, noyau, rapport, botnet, téléphones, mémoire, https, navigateur, intel, patch, reverse, libre, scapy, securitech |
| Mini-Tagwall de l'annuaire video : | | | | vmware, security, virus, biometric, windows, lockpicking, password, botnet, metasploit, tutorial, attack, crypt, linux, network, iphone, server, exploit, wimax, conficker, virtu, virtual, engineering, cisco, reverse, ettercap, wireshark, shmoocon, hacker, firewall, internet, knoppix, rootkit, arduino, conference, source, wireless, backtrack, openbsd, brucon, systm, overflow, openssh, buffer, access, remote |
| Mini-Tagwall des articles de la revue de presse : | | | | security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone, server, inject, patch, apple, twitter, mobile, virus, ebook, facebook, vulnérabilité, crypt, source, linux, password, intel, research, virtual, phish, access, tutorial, trojan, social, privacy, firefox, adobe, overflow, office, cisco, conficker, botnet, pirate, sécurité |
| Mini-Tagwall des Tweets de la revue Twitter : | | | | security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall, network, twitter, vmware, windows, microsoft, compliance, vulnerability, python, engineering, source, kernel, crypt, social, overflow, nessus, crack, hacker, virus, iphone, patch, virtual, javascript, malware, conficker, pentest, research, email, password, adobe, apache, proxy, backtrack |
|
|
|
|
|