« Web Application Security Professionals Survey (January) | Main | WASC RSA Meet-up »

Rogue XML Specifications

Aditya K Sood Writes "This article solely relates to the the insecurities that remain in the XML schema defined for any web server that relates to peculiar web servicing application.This is actually based on the AJAX framework as the xml specifcation act as an interface to server objects.The interface which is being provided by the xml schemadirectly configures the server on the fly which is dependent on the specific service providing servelet.The wrong schema in the web.xml or the index.xml provide leads to the origin of the web attack base that reallydisrupts the functioning of the server which further results in leveraging information.I am going to discuss theschema designing and relative effects if it is not configured properly.

The article has been released on the packetstorm security."

Article Link: http://www.packetstormsecurity.org/papers/general/RogueXMLSpecific.pdf

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.


All Comments are Moderated and will be delayed!