Channel: hardening – Compass Security Blog
Browsing latest articles
Browse All 10 View Live

JBoss 7.1 Web Server Hardening

JBoss is a popular open-source Java application server which underwent a major rewrite of its code-base for its latest version 7.x. Of this new branch, only version 7.1.0.Final, released a week ago, is...


Dangerous Sudoers Entries – PART 1: Command Execution

The following article describes common security issues regarding misconfigured sudoers’ files. The article focuses on a single entry which contains several security issues: hacker10 ALL= (root)...


Dangerous Sudoers Entries – PART 2: Insecure Functionality

The following article describes common security issues regarding misconfigured sudoers’ files. The article focuses on a single entry which contains several security issues: hacker10 ALL= (root)...


Dangerous Sudoers Entries – PART 3: Permissions

The following article describes common security issues regarding misconfigured sudoers’ files. The article focuses on a single entry which contains several security issues: hacker10 ALL= (root)...


Dangerous Sudoers Entries – PART 4: Wildcards

The following article describes common security issues regarding misconfigured sudoers’ files. The article focuses on a single entry which contains several security issues: hacker10 ALL= (root)...


Dangerous Sudoers Entries – PART 5: Recapitulation

The following article describes common security issues regarding misconfigured sudoers’ files. The article focuses on a single entry which contains several security issues: hacker10 ALL= (root)...


Impact of IIS 7.5 Service Accounts for file system audits

Introduction: It can be very tricky to analyze the relevant service account and its file system permissions in order to evaluate if a compromised ASP.NET application can access sensitive resources (file...


Wrap-up: Hack-Lab 2017#1

What is a Hack-Lab? Compass Security provides a monthly playful occasion for the security analysts to get-together and try to hack new devices, dive into current technologies and share their skills...


SharePoint: How to collaborate with external parties?

Opening up an internal SharePoint farm to the Internet in order to share resources with external parties might seem like a good idea, because it helps avoid expensive infrastructure changes. However, in...


SharePoint: Collaboration vs. XSS

SharePoint is a very popular browser-based collaboration and content management platform. Due to its high complexity, proprietary technology and confusing terminology it is often perceived as a...
