UbuntuPentest
|
Size: 1693
Comment:
|
← Revision 28 as of 2008-09-14 02:27:29 ⇥
Size: 2011
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 1: | Line 1: |
| [[Include(UbuntuPentest/Header)]] | <<Include(UbuntuPentest/Header)>> |
| Line 3: | Line 3: |
| ||<tablestyle="float:right; font-size: 0.9em; width:30%; background:#F1F1ED; background-repeat: no-repeat; background-position: 98% 0.5ex; margin: 0 0 1em 1em; padding: 0.5em;">'''Contents'''[[BR]][[TableOfContents]]|| | ||<tablestyle="float:right; font-size: 0.9em; width:30%; background:#F1F1ED; background-repeat: no-repeat; background-position: 98% 0.5ex; margin: 0 0 1em 1em; padding: 0.5em;"><<TableOfContents>>|| |
| Line 8: | Line 8: |
| The '''Ubuntu Pentest team''' is a subteam of the [https://wiki.ubuntu.com/SecurityTeam Ubuntu Security Team], and aims to identify security problems in the Ubuntu distribution and Ubuntu Services (such as Launchpad, REVU, Forums, website and other community systems) via auditing and careful pentesting. Members of this team adhere to policies of responsible disclosure, and coordinate any service pentesting with the administrators of the given service. | The '''Ubuntu White Hat Team''' is a subteam of the [[https://wiki.ubuntu.com/SecurityTeam|Ubuntu Security Team]], and aims to identify security problems in the Ubuntu distribution and Ubuntu Services (such as Launchpad, REVU, Forums, website and other community systems) via auditing and careful pentesting. Members of this team adhere to policies of responsible disclosure, and coordinate any service pentesting with the administrators of the given service. |
| Line 10: | Line 10: |
| = How to request Launchpad Membership = Membership of the Ubuntu White Hat means recognition of a significant and sustained contribution to Ubuntu Security Team. If you think your contributions have been significant and sustained, you can try to become a member. Generally, at least two months of visible, significant activity will be required. To join in [[https://edge.launchpad.net/~ubuntu-whitehat|ubuntu-whitehat]], please send mail to ubuntu-whitehat@lists.launchpad.net with "ubuntu-whitehat join request" subject and in the body paste your personal wiki page and launchpad personal page. In the next meeting the SecurityTeam current Ubuntu-WhiteHat members will vote to decide and send you the response. '''Rules''': Majority-vote by Ubuntu WhiteHat official members |
|
| Line 14: | Line 21: |
| * Help team in '''Ubuntu Pentest Day''' to audit/pentest services * Report private security bugs about ubuntu services, please use Launchpad, check the "Security" flag and subscribe the bug to "ubuntu-pentest". |
* Help team to audit/pentest services * Report private security bugs about ubuntu services, please use Launchpad, check the "Security" flag and subscribe the bug to "ubuntu-WhiteHat". |
| Line 17: | Line 24: |
| = Ubuntu Pentest Day = | = Pending For Next Meeting = <<Include(UbuntuPentest/PendingForNextMeeting)>> |
| Line 19: | Line 27: |
| The team will also aim to organize the '''Ubuntu Pentest Day''', a day dedicated to security tests on the structures of the community with auditing and penetrations tests. = How to request Launchpad Membership = * To join in [https://edge.launchpad.net/~ubuntu-pentest ubuntu-pentest], please send mail to ubuntu-hardened@lists.ubuntu.com with "ubuntu-pentest join request" subject and in the body paste your personal wiki page and launchpad personal page. In the next meeting the SecurityTeam will decide and send you the response. |
= Audit work and Advisory = <<Include(UbuntuPentest/Auditing)>> |
| Line 29: | Line 31: |
| '''Sub-pages :''' [[Navigation(children,1)]] | '''Sub-pages :''' <<Navigation(children,1)>> |
NEXT Ubuntu Pentest MEETING: |
NEXT Security Team Meeting: Include: Nothing found for "* '''When''':"! |
Introduction
The Ubuntu White Hat Team is a subteam of the Ubuntu Security Team, and aims to identify security problems in the Ubuntu distribution and Ubuntu Services (such as Launchpad, REVU, Forums, website and other community systems) via auditing and careful pentesting. Members of this team adhere to policies of responsible disclosure, and coordinate any service pentesting with the administrators of the given service.
How to request Launchpad Membership
Membership of the Ubuntu White Hat means recognition of a significant and sustained contribution to Ubuntu Security Team. If you think your contributions have been significant and sustained, you can try to become a member. Generally, at least two months of visible, significant activity will be required. To join in ubuntu-whitehat, please send mail to ubuntu-whitehat@lists.launchpad.net with "ubuntu-whitehat join request" subject and in the body paste your personal wiki page and launchpad personal page. In the next meeting the SecurityTeam current Ubuntu-WhiteHat members will vote to decide and send you the response.
Rules: Majority-vote by Ubuntu WhiteHat official members
How to Contribute
- Write documentation about auditing tools
- Help team to audit/pentest services
Report private security bugs about ubuntu services, please use Launchpad, check the "Security" flag and subscribe the bug to "ubuntu-WhiteHat".
Pending For Next Meeting
Feel free to edit this.
Topic |
Responsible |
Status |
Notes |
Audit work and Advisory
List of audit work and advisory.
- Multiple cross-site scripting (XSS) vulnerabilities in macro/AdvancedSearch.py in moin
(and MoinMoin) 1.6.3 and 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Fix
- Multiple cross-site scripting (XSS) vulnerabilities in macro/AdvancedSearch.py in moin
Sub-pages :
| /Auditing /Coc /Contacts /FAQ /GuidelinesDraft /Header /Members /PendingForNextMeeting /PentestDayCalendar /Tools /ptreport |
UbuntuPentest (last edited 2008-09-14 02:27:29 by host126-169-dynamic)