SmartAttack™ Library Update Readme
The following SmartAttacks and/or SmartAttack™ technologies have been
added or updated in this release:
- New SmartAttacks
- Session ID Identification
- Ineffective session termination
- Brute Force Login
- Pages requiring Cookies
- A utility file, hsSmartAttackUtils.js, used by SmartAttacks
- CIA Web Server Configuration
- Apache and IBM HTTP Server(Powered by Apache) 413 Error HTTP Request Method Cross-Site Scripting Weakness. Bugtraq ID: 26663
Note: This update applies only to Cenzic Hailstorm 5.5 and higher. If
you have not updated to 5.5 yet, please contact Cenzic Support at
support@cenzic.com or 1-866-4CENZIC
Cenzic's dedicated CIA experts focus exclusively on perform ongoing
research to not only analyze known vulnerabilities but also discover new
or undisclosed vulnerabilities in custom, commercial, and open-source
applications, and to make this information available to customers and to
the community at large in the form of publications and security
alerts. The CIA Web Server Configuration SmartAttack™ was created so that
recently discovered vulnerabilities can be integrated into Hailstorm on a
fast-response basis.
|
