In the pursuit of accurate statements about application security, Ory Segal took a new shot at Beehive, the last bulletin board which I considered bug free in 2006. Well it didn’t take him long to find not one, not two but three new Beehive XSS vulnerabilities . I have installed Beehive 0.71 and indeed the vulnerabilities are confirmed.
What started as a quick secunia browsing for forum vulnerabilities turned into vulnerability assessments 🙂 That was cool and maybe it’s a nice idea to continue these tests. I’ll post more on this topic.
So, in true MythBusters‘ style :
Zero vulnerabilities in any of the 10 most popular open source forums in 2006/2007 : Myth BUSTED
Thank you for reading this post. You can now Read Comment (1) or Leave A Trackback. Print This Post
Post InfoThis entry was posted on Sunday, June 10th, 2007 . Tagged with:
Previous Post: NuFW 2.2 – An Authenticating Firewall »
Next Post: Online vs. Offline Gambling »
Read MoreRelated Reading:
- How to Protect Your Business Network from Phishing Attacks
- Animated Presentation on Sony PSN Hack
- ArcSight Tip #1 – arcsight managersetup notification test
- I’m a CISSP
- Operation:Payback or Social Vendetta is Here
- I got owned by Malware Destructor 2011 Virus
- New Downtime Cost Calculator by Storagepipe.com. What if ?
- Securing Your Network from Web Threats
- My Twitter Notes on 2010-07-25
- New NetWitness Visualize : Welcome To The Future!