SmartAttack Library Update Readme
The following SmartAttacks and/or SmartAttack technologies have been
added or updated in this release:
- New SmartAttacks
- Session ID Identification
- Ineffective session termination
- Brute Force Login
- Pages requiring Cookies
- A utility file, hsSmartAttackUtils.js, used by SmartAttacks
- CIA Web Server Configuration
- Apache and IBM HTTP Server(Powered by Apache) 413 Error HTTP Request Method Cross-Site Scripting Weakness. Bugtraq ID: 26663
5.0p Manual Updater
https://www.cenzic.com/download/ManualUpdater/12282007gkjrikti/Manualupdate_50_release_p.exe
Manualupdate_50_release_p.exe contains updates for
5.0 through 5.0p releases.
Instructions to run the exe:
- Double click on
Manualupdate_50_release_p.exe
- Press the Install button to extract the executable. (You can specify
any path on the local drive). It will extract a folder named
Manualupdate_50_release_p
- Open the folder named
Manualupdate_50_release_p and double
click on InstallUpdates.bat which will perform the library update.
- Restart CHS to get the updates.
Note: This update applies only to Cenzic Hailstorm 5.0 and higher. If
you have not updated to 5.0 yet, please contact Cenzic Support at
support@cenzic.com or 1-866-4CENZIC
Cenzic's dedicated CIA experts focus exclusively on perform ongoing
research to not only analyze known vulnerabilities but also discover new
or undisclosed vulnerabilities in custom, commercial, and open-source
applications, and to make this information available to customers and to
the community at large in the form of publications and security
alerts. The CIA Web Server Configuration SmartAttack was created so that
recently discovered vulnerabilities can be integrated into Hailstorm on a
fast-response basis.
|
