Forschung

Wir glauben, dass es für ein Angebot von IT-Sicherheitsdienste auf höchstem Niveau wesentlich ist, in der Lage zu sein, lösbare Situationen mithilfe der Entwicklung von originellen Techniken zu meistern.

Innovation und Forschung sind daher die Schlüssel zu unserem Erfolg. Aus Leidenschaft und zum Schutz der Nutzergemeinschaft führen wir Open Source- und nicht-Open Source Software analysen auf der Suche nach Lücken durch.

Wir veröffentlichen Security Advisories nach dem Modell der Responsible Disclosure (in welchem dem Vendor die gefundenen Lücken mitgeteilt werden und die Freigabe des Advisory mit der Freigabe der neuen Version der Software abgestimmt wird).

Advisories

March 22, 2017 Qnap QTS Domain Privilege Escalation Vulnerability.
October 8, 2015 Veeam Backup & Replication Local Privilege Escalation Vulnerability.
November 22, 2012 ARC v2011-12-01 Multiple vulnerabilities.
April 7, 2011 Pixelpost (Calendar addon 1.1.6) 1.7.3 Multiple vulnerabilities.
November 16, 2010 Vtiger CRM 5.2.0 Multiple Vulnerabilities.
January 11, 2010 Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver, Yaws and Boa log escape sequence injection.
October 25, 2009 Jetty 6.x and 7.x Multiple Vulnerabilities.
August 18, 2009 Vtiger CRM 5.0.4 Multiple Vulnerabilities.
July 26, 2009 PHP filesystem attack vectors - Take Two.
June 13, 2009 SugarCRM 5.2.0e Remote Code Execution.
May 12, 2009 FormMail 1.92 Multiple Vulnerabilities.
March 3, 2009 Zabbix 1.6.2 Frontend Multiple Vulnerabilities. Publicated on Milw0rm, SecurityFocus, Full Disclosure, BugTraq.
January 26, 2009 PHP filesystem attack vectors. Publicated on Packetstorm (1), Packetstorm (2), Full Disclosure, BugTraq, CGI Security.
December 16, 2008 Remote Command Execution in Moodle. Publicated on BugTraq.
November 11, 2008 Collabtive 0.4.8 Multiple Vulnerabilities. Publicated on BugTraq.
May 20, 2008 Mantis Bug Tracker 1.1.1 Multiple Vulnerabilities.. Publicated on BugTraq, CVE-2008-2276.
April 11, 2008 WiKID wClient-PHP <= 3.0-2 Multiple XSS Vulnerabilities. Publicated on BugTraq.
April 4, 2008 Cacti 0.8.7a Multiple Vulnerabilities. Publicated on BugTraq.
October 4, 2007 GreenSQL, a MySQL firewall, bypassed.
October 2, 2007 Original Photo Gallery Remote Command Execution. Publicated on BugTraq, Packetstorm, Vulnwatch.
June 3, 2007 Firefox <= 2.0.0.3 DOM Keylogger (bypass same-origin policy).
May 7, 2007 Shadowpage vulnerability: the page that doesn't exists (Multiple browsers affected).
March 9, 2007 PHP import_request_variables() arbitrary variable overwrite. Publicated on Packetstorm.
March 9, 2007 Php Nuke wild POST XSS. Publicated on BugTraq, Packetstorm.
March 16, 2006 Milkeyway Captive Portal Multiple Vulnerabilities. Publicated on Vulnwatch.
February 1, 2006 PmWiki remote file inclusion exploit.
January 25, 2006 PHP5 Globals Vulnerability. Publicated on SecuriTeam, Full Disclosure.
January 24, 2006 PmWiki Multiple Vulnerabilities. Publicated on Full Disclosure.
January 24, 2006 WebCalendar Multiple Vulnerabilities. Publicated on Bugtraq.
November 25, 2005 Free Web Stat Multiple XSS Vulnerabilities. Publicated on Bugtraq.
November 19, 2005 Php Web Statistik Multiple Vulnerabilities. Publicated on Packetstorm.
October 25, 2005 PHP iCalendar XSS. Publicated on Bugtraq, Packetstorm.

Möchten Sie weitere Informationen über unsere Methode und das Verfahren?

Rufen Sie uns an!

Starter Kit Brochure sales@isgroup.it