• To: XML Dev <xml-dev@l...>
• Subject: Re: Excellent IETF BCP on XML
• From: Miles Sabin <miles@m...>
• Date: Fri, 22 Nov 2002 21:21:52 +0000
• In-reply-to: <15725CF6AFE2F34DB8A5B4770B7334EE0DF8DF@h...>
• References: <15725CF6AFE2F34DB8A5B4770B7334EE0DF8DF@h...>

Bullard, Claude L (Len) wrote,
> Yep.  However, since packets are sniffable?

Umm ... you've not been paying attention, have you ;-)

Other than the stuff David mentioned, the external entity attacks I 
disussed here,

  http://lists.xml.org/archives/xml-dev/200206/msg00240.html
  http://lists.xml.org/archives/xml-dev/200206/msg00247.html

are directly applicable if RDDL documents are retrieved recklessly.

Elliotte RH's XInclude attack is similar,

  http://lists.xml.org/archives/xml-dev/200210/msg01461.html

and he came up with another entity variant here,

  http://lists.xml.org/archives/xml-dev/200211/msg00027.html

And there was also the BugTraq advisory reporting poor choices of 
default retreival behaviour for external entities here by several 
widely deployed parsers,

http://online.securityfocus.com/archive/1/297714/2002-10-27/2002-11-02/0

I wouldn't be at all surprised if we see another one some time in the 
future reporting poor choices of retrieval behaviour for RDDL 
documents.

Cheers,


Miles

• References:
  • RE: Excellent IETF BCP on XML
    • From: "Bullard, Claude L (Len)" <clbullar@i...>

• Prev by Date: RE: Excellent IETF BCP on XML
• Next by Date: Re: Excellent IETF BCP on XML
• Previous by thread: Re: Excellent IETF BCP on XML
• Next by thread: RE: Excellent IETF BCP on XML
• Index(es):
  • Date
  • Thread