UbuntuPentest
NEXT Ubuntu Pentest MEETING: |
NEXT Security Team Meeting: Include: Nothing found for "* '''When''':"! |
Introduction
The Ubuntu White Hat Team is a subteam of the Ubuntu Security Team, and aims to identify security problems in the Ubuntu distribution and Ubuntu Services (such as Launchpad, REVU, Forums, website and other community systems) via auditing and careful pentesting. Members of this team adhere to policies of responsible disclosure, and coordinate any service pentesting with the administrators of the given service.
How to request Launchpad Membership
Membership of the Ubuntu White Hat means recognition of a significant and sustained contribution to Ubuntu Security Team. If you think your contributions have been significant and sustained, you can try to become a member. Generally, at least two months of visible, significant activity will be required. To join in ubuntu-whitehat, please send mail to ubuntu-whitehat@lists.launchpad.net with "ubuntu-whitehat join request" subject and in the body paste your personal wiki page and launchpad personal page. In the next meeting the SecurityTeam current Ubuntu-WhiteHat members will vote to decide and send you the response.
Rules: Majority-vote by Ubuntu WhiteHat official members
How to Contribute
- Write documentation about auditing tools
- Help team to audit/pentest services
Report private security bugs about ubuntu services, please use Launchpad, check the "Security" flag and subscribe the bug to "ubuntu-WhiteHat".
Pending For Next Meeting
Feel free to edit this.
Topic |
Responsible |
Status |
Notes |
Audit work and Advisory
List of audit work and advisory.
- Multiple cross-site scripting (XSS) vulnerabilities in macro/AdvancedSearch.py in moin
(and MoinMoin) 1.6.3 and 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Fix
- Multiple cross-site scripting (XSS) vulnerabilities in macro/AdvancedSearch.py in moin
Sub-pages :
/Auditing /Coc /Contacts /FAQ /GuidelinesDraft /Header /Members /PendingForNextMeeting /PentestDayCalendar /Tools /ptreport |
UbuntuPentest (last edited 2008-09-14 02:27:29 by host126-169-dynamic)