152: XML Beware - a podcast by Mark Derricutt, Greg Amer and Richard Vowles
from 2017-09-10T10:16:05
A short minisode on Apache Struts, XML deserialisation attacks, and Equifax.
- XML? Be cautious!
- Severe security vulnerability found in Apache Struts using lgtm.com (CVE-2017-9805)
- CVE-2017-9805: Analysis of Apache Struts RCE Vulnerability in REST Plugin
- Apache Struts Statement on Equifax Security Breach
- Apache Struts Security Bulletins
- OWASP Dependency Check
- struts-pwn - an exploit tester
- Remotely Exploitable Java Zero Day Exploits through Deserialization (2015 alert for Apache Commons Collections 3.x)
- A critical Apache Struts security flaw makes it 'easy' to hack Fortune 100 firms
Upgrade your s**t!