xml-dev - Re: [xml-dev] Excellent IETF BCP on XML

Re: [xml-dev] Excellent IETF BCP on XML

[ Lists Home | Date Index | Thread Index ]

To: XML Dev <xml-dev@lists.xml.org>
Subject: Re: [xml-dev] Excellent IETF BCP on XML
From: Miles Sabin <miles@milessabin.com>
Date: Fri, 22 Nov 2002 21:21:52 +0000
In-reply-to: <15725CF6AFE2F34DB8A5B4770B7334EE0DF8DF@hq1.pcmail.ingr.com>
References: <15725CF6AFE2F34DB8A5B4770B7334EE0DF8DF@hq1.pcmail.ingr.com>

Bullard, Claude L (Len) wrote,
> Yep.  However, since packets are sniffable?

Umm ... you've not been paying attention, have you ;-)

Other than the stuff David mentioned, the external entity attacks I 
disussed here,

  http://lists.xml.org/archives/xml-dev/200206/msg00240.html
  http://lists.xml.org/archives/xml-dev/200206/msg00247.html

are directly applicable if RDDL documents are retrieved recklessly.

Elliotte RH's XInclude attack is similar,

  http://lists.xml.org/archives/xml-dev/200210/msg01461.html

and he came up with another entity variant here,

  http://lists.xml.org/archives/xml-dev/200211/msg00027.html

And there was also the BugTraq advisory reporting poor choices of 
default retreival behaviour for external entities here by several 
widely deployed parsers,

http://online.securityfocus.com/archive/1/297714/2002-10-27/2002-11-02/0

I wouldn't be at all surprised if we see another one some time in the 
future reporting poor choices of retrieval behaviour for RDDL 
documents.

Cheers,


Miles

References:
- RE: [xml-dev] Excellent IETF BCP on XML
  - From: "Bullard, Claude L (Len)" <clbullar@ingr.com>

Prev by Date: RE: [xml-dev] Excellent IETF BCP on XML
Next by Date: Re: [xml-dev] Excellent IETF BCP on XML
Previous by thread: Re: [xml-dev] Excellent IETF BCP on XML
Next by thread: RE: [xml-dev] Excellent IETF BCP on XML
Index(es):
- Date
- Thread