January 09, 2009

Cenzic Updates Open Redirect SmartAttack

Cenzic provides enhanced support for its Open Redirect SmartAttack

On January 9, 2009, Cenzic provided an enhancement to its Open Redirect SmartAttack so it can accept any custom user-defined data entry. This gives the user freedom to craft requests and broaden the scope of the SmartAttack beyond the regular expressions that already exist. Cenzic also updated its ColdFusion remediation documents to further facilitate the user in dealing with vulnerabilities.

Background on Cenzic’s SmartAttacks
Every week, Cenzic’s suite of products is updated with the latest vulnerabilities (custom, commercial, and open-source) to use when it emulates a hacker and attacks our customer’s Websites to detect their security posture. These Web application vulnerabilities include (but not limited to) cross site scripting, buffer overflow, path or directory traversal, SQL injection, HTTP response splitting, and other workflow types.

by
Erin Swanson
Eswanson@cenzic.com

Topic Tags: cenzic, open redirect

by Erin Swanson

↑top

link to this

Post a Comment

Title:

Summary:

Comment:

Links:

Your info:

Name:		Required; will be displayed with comment.
E-mail:		Required (in case we need to contact you); will NOT be displayed with comment.
Web:		Optional; will use to hyperlink your name in the comment.
Twitter:		Optional; allows visitors to follow you on Twitter.
Save this in my browser

Verification:

Type the characters you see in the picture above.

Letters are case sensitive.

Notice: Your thoughtful opinions are valued and encouraged, but all comments are moderated so there will be a delay between the time you post your comment and when it appears in this site. Please don't be offended if your comment is edited for clarity or to avoid questionable matters. Offensive or off-topic comments will be deleted.