0dd - The Zero (0) Day Division

The Zero (0) Day Division is a group of security professionals working towards a common goal; securing open-source projects.

RunElite XXE

· Sajeeb Lohani · CVE-2018-1000834

The Issue

An XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts.

RunElite insecurely parses user-supplied XML content within the OSRSNewsServer.java file, allowing attackers to perform XXE attacks.

read more

Microweber XSS

· Sajeeb Lohani · CVE-2018-1000826

The Issue

Reflected Cross-Site Scripting (XSS) may allow an attacker to execute JavaScript code in the context of the victim’s browser. This may lead to unauthorised actions being performed, unauthorised access to data, stealing of session information, denial of service, etc. An attacker needs to coerce a user into visiting a link with the XSS payload to be properly exploited against a victim.

read more

MegaMek Java Objection Injection

· Sajeeb Lohani · CVE-2018-1000824

The Issue

The deserialisation of the Java object can trigger certain methods within the object, allowing the attacker to perform unauthorised actions like execution of code, disclosure of information, etc.

The MegaMek project overly trusted user input when processing the data obtained from a form.

read more

K9Mail XXE

· Sajeeb Lohani · CVE-2018-1000831

The Issue

An XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts.

K9Mail insecurely parses user-supplied XML content within the WebDavStore.java file, allowing attackers to perform XXE attacks. An attacker can potentially control a malicious WebDAV server or intercept the reponse of a valid WebDAV server to perform this attack.

read more

HAPI FHIR XXE

· Sajeeb Lohani

The Issue

An XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts.

HAPI FHIR insecurely parses user-supplied XML content within the XLSXmlParser.java file, allowing attackers to perform XXE attacks.

read more