  • Firefox 3.0.6 Released To Address Multiple Security Issues

    Fixed in Firefox 3.0.6 MFSA 2009-06 Directives to not cache pages ignored MFSA 2009-05 XMLHttpRequest allows reading HTTPOnly cookies MFSA 2009-04 Chrome privilege escalation via local .desktop files MFSA 2009-03 Local file stealing with SessionStore MFSA 2009-02 XSS using a chrome XBL method and window.eval MFSA 2009-01 Crashes with evidence of memory corruption (rv:1.9.0.6) Additional…

  • Web Application Security Consortium (WASC) RSA Meetup 2009

    If you like talking about website and application security and will be in San Francisco in April, I highly recommend attending the Web Application Security Consortium's RSA Meet-up. We've been doing this for the past 3-4 years and always get a great crowd. Here's the formal announcement. Take a Break @ RSA and Meet-up with…

  • Microsoft Patch Tuesday: MS09-001

    Microsoft has just published MS09-001 . This update addresses an SMB flaw. "Vulnerabilities in SMB Could Allow Remote Code Execution (958687) This security update resolves several privately reported vulnerabilities in Microsoft Server Message Block (SMB) Protocol. The vulnerabilities could allow remote code execution on affected systems. An attacker who successfully exploited these vulnerabilities could install…

  • CWE & SANS TOP 25 Most Dangerous Programming Errors

    “Most of the vulnerabilities that hackers exploit to attack Web sites and corporate servers are usually the result of common and well-understood programming errors. A list of 25 of the most serious such coding errors is scheduled to be released later today by a group of 30 high-profile organizations, including Microsoft, Symantec, the U.S. Department…
  • OWASP releases Application Security Verification Standard for developers, security pros, and buyers

    "Now there's an open industry standard for Web application and Web service security: The Open Web Application Security Project (OWASP) Foundation has released the Application Security Verification Standard (ASVS). Mike Boberski, project lead and co-author of OWASP's ASVS Project, says the main goal of the standard is to provide a commercial and workable open standard…

  • OllyDbg Version 2.0 – Beta 1 Released

    "The first beta release. "Beta" means that there will be no significant changes till the final v2.00. Now it supports memory and hardware breakpoints. They are fully conditional, and the number of memory breakpoints is unlimited. Fast command emulation takes memory breakpoints into account. In fact, run trace may be much faster than the full-speed…

  • OWASP testing Guide Version 3.0 Released

    OWASP released the following press release today. "The OWASP testing guide version 3 has been officially released. This project is part of the OWASP 2008 Summer of Code that started on April 2008. The guide resulted in a 349 page book and is the contribution of a team of 21 authors, 4 reviewers and 6 months…

  • Firefox Halting 2.x security patching/support, urges users to upgrade to 3.0 or get pwned

    "Mozilla has told Firefox users that it will no longer be updating version 2 of the browser and they should upgrade to version 3 right away. The warning came alongside a security update patching ten problems, four of them critical. The critical problems involve cross-site scripting. That’s a serious concern as it allows the unauthorised…

  • Tools: Microsoft Announces Three Tools to help prevent SQL Injection

    "On Tuesday, Microsoft issued new tools to assist Microsoft ASP and ASP.NET technologies against recent Web-based attacks. In April attackers went after Microsoft SQL sites by injecting malicious JavaScript onto legitimate sites. The JavaScript would direct a browser to a server hosting malicious software infecting the desktop with a variety of exploits. At the time…

  • Tools: Peach 2.1 Fuzzing Framework BETA3 Released

    From the 'Millions of peaches, peaches for me. Millions of peaches, peaches for free ' department The following was posted to the full disclosure mailing list. "Peach 2.1 BETA3 has been released! This new beta includes a lot of changes and makes Peach feature complete for the 2.1 release coming in the next month or…

  • Tools: Peach Fuzzer Framework 2.1 BETA2 Released

    The following was sent to the daily dave list today by Michael Eddington "The latest in the Peach 2 series has been posted. This release includes many bug fixes, features, improvements, and supersedes 2.0 as the recommended version to use. * Fuzzers written in XML by defining data definitions * Unittests to improve stability and…

  • Tool Release: tmin: Fuzzing test case optimizer

    Michal Zalewski has released tmin. From his announcement to bugtraq "I'd like to announce tmin – a free, quick, and handy tool to quickly and effortlessly minimize the size and syntax of complex test cases in automated security testing. I found the tool to be remarkably useful, as it saved me from hours of manual…

  • Tool availability – browser DOM Checker

    "I'd like to announce the availability of DOM Checker, an automated tool for validating browser security policy enforcement. The project is hosted at: http://code.google.com/p/dom-checker/ The tool features several fairly neat features, including exhaustive hierarchy crawling and side-channel blind write validation to reduce the number of false positives. DOM Checker had been used to find a…

  • xmitm: xml man in the middle tool

    An interesting post on intercepting flash XMPP traffic. "This post is a result of ideas and tools developed during the review of client-side applications that use the XMPP protocol to communicate with a server (opening a raw socket, not using HTTP as a transport). The only way we could think of getting our hands on…

  • WASC Script Mapping Project released

    Romain Gaucher writes "The Web Application Security Consortium is pleased to announce the first results of the Script Mapping project! At this stage in the project we were able to cover most of the test cases for Internet Explorer 7, Firefox 2 and Safari 3. The results can be found on the project page: http://www.webappsec.org/projects/scriptmapping/…

  • Tools: SWFIntruder released

    Stefano writes "The first release of SWFIntruder has been released today by Stefano Di Paola, CTO of Minded Security. SWFIntruder (pronounced Swiff Intruder) is the first tool specifically developed for analyzing and testing security of Flash applications at runtime. It helps to find flaws in Flash applications using the methodology originally described in Testing Flash…

  • Nikto 2 released

    Sullo writes "Nikto is an open source (GPL) web server scanner which performs tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers. Version 2 adds a ton of enhancements, including: – Fingerprinting web servers via favicon.ico…

  • Free Automated Web Application Firewall From Armorlogic

    "Armorlogic, the Danish web application firewall provider, announces Profense™ Base, the only automated web application firewall available for free. And there is no catch. Free means free for commercial as well as non-commercial use, without time limitation." "ISO images and software licenses are available from www.armorlogic.com." I've never heard of this company or tried this.…

  • Uninformed Journal Release Announcement: Volume 8

    "Uninformed is pleased to announce the release of its eighth volume. This volume includes 6 articles on a variety of topics:" Real-time Steganography with RTP PatchGuard Reloaded: A Brief Analysis of PatchGuard Version 3 Getting out of Jail: Escaping Internet Explorer Protected Mode OS X Kernel-mode Exploitation in a Weekend A Catalog of Windows Local…

  • Microsoft Release 4 Security Fixes

    "Microsoft Corp. released four software patches Tuesday to fix security flaws, including one that could allow hackers to take over computers running the company's instant messaging programs. Only one of the flaws carried the company's most severe "critical" rating, but it only applies to the Windows 2000 operating system. To be affected, users would have…

  • WASC Announcement: Web Application Security Scanner Evaluation Criteria Call for Participants

    The Web Application Security Consortium is pleased to announce a new project "Web Application Security Scanner Evaluation Criteria (WASSEC)". Currently WASC is seeking volunteers from various sections of the community, including penetration testers, scanner vendors, security researchers and also end users, to contribute to the project. A brief description of the project: The Web…

  • [NEW BOOK] Professional Pen Testing for Web Applications

    Andres Andreu has just published a new book titled "Professional Pen Testing for Web Applications" by Wrox. "There is no such thing as "perfect security" when it comes to keeping all systems intact and functioning properly. Good penetration (pen) testing creates a balance that allows a system to be secure while simultaneously being fully functional.…

  • Owasp Releases PHP Top 5

    "PHP is a very popular language with many flawed security "features". Every PHP developer and hoster should understand the primary attack vectors being used by attackers against PHP applications. This article is the underlying research behind the SANS Top 20 2005's PHP section. The methodology used in the preparation of this article is to review…

  • Uninformed Issue 4 released

    Issue #4 of uninformed has been released. This issue contains the following articles – Improving Automated Analysis of Windows x64 Binaries – Exploiting the Otherwise Non-Exploitable on Windows – Abusing Mach on Mac OS X – GREPEXEC: Grepping Executive Objects from Pool Memory – Anti-Virus Software Gone Wrong Issue Link: http://www.uninformed.org/?v=4