Tuesday, December 19, 2017

Advanced SQL Server Man-in-the-Middle Attacks

UPDATE: A few days after publishing this, Microsoft begin making updates to the referenced documentation. I haven't reviewed these updat...
Monday, February 20, 2017

Advisory: Java/Python FTP Injections Allow for Firewall Bypass

UPDATE:  Fixes for these issues have been out for a while.  Therefore I've published a proof-of-concept exploit .  Enjoy. Overview R...
7 comments:
Sunday, September 4, 2016

Node.js: Breaking Out of Jade/Pug with process.dlopen()

UPDATE #1: The Jade/Pug developers emphasized to me that they never intended there to be any kind of "sandbox" or other controls l...
Wednesday, June 15, 2016

Advisory: HTTP Header Injection in Python urllib

Update 1: The MITRE Corporation has assigned CVE-2016-5699 to this issue. Update 2: Remarkably, Blogger stripped the % 00 element from a n...
Friday, November 20, 2015

Security Warnings in API Docs are not Enough

May 25, 1979: American Airlines flight 191 started down the runway at Chicago O'Hare Airport. Just before takeoff, the left engine tore ...
Tuesday, January 6, 2015

Multiple LDAP APIs are Asking for Trouble

LDAP filter injection is a classic injection flaw that occurs when user-supplied values find their way into LDAP search filters ("queri...
Monday, December 22, 2014

Why the Security Community Should Focus More on API Design

Every year, billions of lines of software code are written and deployed into production. While software security experts frantically review ...