The Most Poisonous Bugs - Remediation for XML Signature Attacks

 
 
By eweek  |  Posted 2007-08-14 Email Print this article Print
 
 
 
 
 
 
 
 
Some of the vulnerabilities discussed at the Black Hat Briefings in Las Vegas simply don't have any easy fixes, short of rearchitecting the Web. Here are some of the things that had people shaking their heads as they walked out of presentations.
 
 
 
To avoid XML signature attacks, Hill suggests disabling the XSLT transform by default. There are a host of other security precautions to take, and Hill has laid them out in a white paper, Command Injection in XML Signatures and Encryption. T
The Most Poisonous Bugs - Remediation for XML Signature Attacks
 
 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...

 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
Rocket Fuel