[Full-Disclosure] Re: [Announcement] oPortal - OWASP Portal Beta Site
bugtraq_at_cgisecurity.net
Date: 06/24/03
- Previous message: SGI Security Coordinator: "[Full-Disclosure] Multiple IPv6-Induced Bugs & Vulnerabilities on IRIX"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: dave@immunitysec.com Date: Tue, 24 Jun 2003 17:43:32 -0400 (EDT)
> I would suggest SPIKEing it - always a good idea. There's all sorts of
> bugs in Tomcat. I'm not sure if you use tomcat or not, but you might. hmm.
> Apparantly you use Coyote 1.0. Yeah, I'd definately SPIKE that to make
> sure you aren't using "secure" in vain. ;>
>i
Dave,
You may want to check out the url below.
If you get sued by Spike lee what new name will you spam the lists with?
http://www.cnn.com/2003/SHOWBIZ/TV/06/24/tv.spike.ap/index.html
> If I had a magic wand, I'd add a list of tools with screenshots and
> feature lists and download POCs, sortable by OS. Also a big list of papers
> all in one place would be nice.
>
> Also, fix this in Quick Links: "# WebGoat – an interactive web"
>
> Little yellow bullets on each of the secondary headings, like "Main"
> "Guide" and so on, would help the viewer's eye catch those. I completely
> missed them the first time I looked at it. Those are really important, and
> deserve some visual recognition.
>
>
> Dave Aitel
> Quality Assurance Team Lead
> Immunity, Inc.
> "Hacking Like It Is In The Movies!": http://www.immunitysec.com/CANVAS/
> (now with added 0day, part of your complete breakfast!)
>
>
>
>
> > Hello Everyone!
> >
> > As mentioned previously by Mark Curphey (this list's moderator, OWASP
> > Founder), myself, Ben Poweski, and Ingo Struck have been developing a
> > Portal Framework with security as a theme. We have been working since
> > Q4 of last year to present. And I want everybody to understand that
> > this is a best-effort from mere mortals ;)
> >
> > Here is the URL:
> >
> > http://beta.owasp.org
> >
> >
> > Please understand that there *are* bugs and most likely a bunch of
> > things that we have missed, or have not gotten to work on as of yet.
> >
> > Here is what is currently working:
> >
> > Caching Framework
> > XSL Document Transformation Framework
> > Docbook Presentation Framework (Currently supports PDF and HTML)
> > RDF/RSS News Feeds (incoming and outgoing)
> > Full Text Searching
> > Content Management
> >
> > Here is what will be ready in the full release (And current Status):
> >
> > Forums (50% complete)
> > Document Workflow Management (50% Complete)
> > User Management (50% Complete)
> > Session Management with Proper Preventative Measures (20% Complete)
> > Complete Filtering Toolkit (20% Complete)
> >
> >
> > Day by day we are completing the above features. However they are
> > extremely complex to implement correctly.
> >
> >
> > I am extremely proud of our effort and I look forward to improving the
> > maturity of oPortal everyday. Keeping in mind that we will have a full
> > release within 12 months of inception, I feel that we have accomplished
> > an daunting task!
> >
> > We hope to grow oPortal into the #1 Open Source standards based Portal
> > Framework.
> >
> > Regards,
> >
> > David Raphael
> > oPortal Architect / Designer / Evangelist
> >
> > and
> >
> > Ben Poweski
> > oPortal Developer / Infrastructure Specialist / Design Guru
> >
> >
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: SGI Security Coordinator: "[Full-Disclosure] Multiple IPv6-Induced Bugs & Vulnerabilities on IRIX"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
