Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
NickNameNick
on Jan 28, 2015
|
parent
|
context
|
favorite
| on:
CVE-2015-0235 – GHOST: glibc gethostbyname buffer ...
If you have backend systems parsing XML, then an XXE[1] attack could trigger a DNS lookup, for example.
[1]
https://www.owasp.org/index.php/XML_External_Entity_%28XXE%2...
sarciszewski
on Jan 30, 2015
[–]
Ooh, that could lead to some very interesting attack vectors. :D
Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
[1]https://www.owasp.org/index.php/XML_External_Entity_%28XXE%2...