-
ModSecurity 2.0 is out
"Ivan Ristic explains what's hot about the new release Interview ModSecurity is an open source web application firewall that runs as an Apache module, and version 2.0 offers many new features and improvements. Federico Biancuzzi interviewed Ivan Ristic to discuss the new logging system, events tracking and correlation, filtering AJAX or AFLAX applications, and just-in-time…
-
IE7 Is out, and vulnerable
IE7 has finally been released but according to Secunia a vulnerability has already been published. They also provide a test that can be performed to see if you're vulnerable. Article Link: http://www.theregister.co.uk/2006/10/19/ie7_release/ Advisory Link: http://secunia.com/Internet_Explorer_Arbitrary_Content_Disclosure_Vulnerability_Test/ Download IE7: http://www.microsoft.com/windows/ie/default.mspx
Favorite Links
- Security Templates (New)
- The Web Application Security Consortium
- QA Security
- The Web Security Mailing List
- Romain Gaucher’s Blog
- Jeremiah Grossman’s Blog
Popular Pages
WASC Threat Classification
- Abuse of Functionality
- Application Misconfiguration
- Brute Force Attack
- Content Spoofing
- Credential/Session Prediction
- Denial of Service
- Directory Indexing
- Information Leakage
- Remote File Inclusion Attack
- Routing Detour Attack
- SOAP Array Abuse
- XML Attribute Blowup
- XML Injection
- XML External Entity Attack