November 21, 2008

Cenzic Updates Web Server Vulnerability SmartAttack

Cenzic provides enhanced support for its Web Server SmartAttack that includes IBM WebSphere and Apache HTTP Server

On November 21, 2008, Cenzic added enhanced support to their Web Server SmartAttack that includes updates to IBM WebSphere and Apache HTTP Server. Details about these updates are listed below.

Web Services SmartAttack

IBM WebSphere Application Server SOAP Security Header Vulnerability (BugtraqID 29543)
- Due to the increasing use of the SOAP protocol and its affects on a wide range of network traffic, we wanted to update the SOAP header vulnerability in IBM’s WebSphere Application Server. Detail information can be found at: http://www.securityfocus.com/bid/29453/
Apache HTTP Server OS Fingerprinting Security Vulnerability (BugtraqID 31805)
- This update will enable Cenzic to check an OS fingerprinting security vulnerability that was recently uncovered in Apache. Detail information can be found at: http://www.securityfocus.com/bid/31805/

To learn more details on how you can automatically update your Cenzic Hailstorm product, visit our Website.

Background on Cenzic’s SmartAttacks
Every week, Cenzic’s suite of products is updated with the latest vulnerabilities (custom, commercial, and open-source) to use when it emulates a hacker and attacks our customer’s Websites to detect their security posture. These Web application vulnerabilities include (but not limited to) cross site scripting, buffer overflow, path or directory traversal, SQL injection, HTTP response splitting, and other workflow types.

by
Erin Swanson
ESwanson@cenzic.com


	November 21, 2008 SmartAttack Library Updates
	Learn more about our weekly SmartAttack Updates for this date
	http://www.cenzic.com/lib-updates/5.7u.php

	Cenzic SmartAttack Library Updates
	Weekly updates made to Cenzic's product suite
	http://www.cenzic.com/cia_research/lib-updates.php

Topic Tags: cenzic, web server

by Erin Swanson

↑top

link to this

Post a Comment

Title:

Summary:

Comment:

Links:

Your info:

Name:		Required; will be displayed with comment.
E-mail:		Required (in case we need to contact you); will NOT be displayed with comment.
Web:		Optional; will use to hyperlink your name in the comment.
Twitter:		Optional; allows visitors to follow you on Twitter.
Save this in my browser

Verification:

Type the characters you see in the picture above.

Letters are case sensitive.

Notice: Your thoughtful opinions are valued and encouraged, but all comments are moderated so there will be a delay between the time you post your comment and when it appears in this site. Please don't be offended if your comment is edited for clarity or to avoid questionable matters. Offensive or off-topic comments will be deleted.