Whitepaper – XML Schema, DTD, and Entity Attacks: A Compendium of Known Techniques

by Timothy D. Morgan and Omar Al Ibrahim

The eXtensible Markup Language (XML) is an extremely pervasive technology used in countless software projects. A core feature of XML is the ability to define and validate document structure using schemas and document type definitions (DTDs). When used incorrectly, certain aspects of these document definition and validation …

Whitepaper – A Heap of Trouble: Breaking the Linux Kernel SLOB Allocator

by Dan Rosenberg

In this paper, we will systematically evaluate the implementation of the Linux kernel SLOB allocator to assess exploitability. We will present new techniques for attacking the SLOB allocator, whose exploitation has not been publicly described. These techniques will apply to exploitation scenarios that become progressively more constrained, starting with an arbitrary length, …

Whitepaper – Weaning the Web off of Session Cookies: Making Digest Authentication Viable

by Timothy D. Morgan

In this paper, we compare the security weaknesses and usability limitations of both cookie-based session management and HTTP digest authentication; demonstrating how digest authentication is clearly the more secure system in practice. We propose several small changes in browser behavior and HTTP standards that will make HTTP authentication schemes, such as …

Whitepaper – HTTP Digest Integrity: Another look, in light of recent attacks

by Timothy D. Morgan

Recent history has proven that web communications security is highly lacking in redundancy. That is, simple breaks in common protocols, such as SSL/TLS or the authentication mechanisms which support it, often lead to catastrophic gaps in security. Recent examples of this fragile architecture abound, and even when protocols and implementations themselves …