152: XML Beware
By Mark Derricutt, Greg Amer, and Richard Vowles.
A short minisode on Apache Struts, XML deserialisation attacks, and Equifax.
- XML? Be cautious!
- Severe security vulnerability found in Apache Struts using lgtm.com (CVE-2017-9805)
- CVE-2017-9805: Analysis of Apache Struts RCE Vulnerability in REST Plugin
- Apache Struts Statement on Equifax Security Breach
- Apache Struts Security Bulletins
- OWASP Dependency Check
- struts-pwn - an exploit tester
- Remotely Exploitable Java Zero Day Exploits through Deserialization (2015 alert for Apache Commons Collections 3.x)
- A critical Apache Struts security flaw makes it 'easy' to hack Fortune 100 firms
Upgrade your s**t!