[XSL-LIST Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message]

Re: insecure xslt

Subject: Re: insecure xslt
From: Robert Koberg <rob@xxxxxxxxxx>
Date: Thu, 24 Nov 2005 09:09:16 -0500
koberg patch
bryan rasmussen wrote:
http://metasploit.com/research/vulns/google_proxystylesheet/

A security hole in the google search appliance is xslt  based,
basically from what I've seen of the appliance this is something that
an administrator should be able to fix themselves. But if one can't go
through all the configuration possibilities there is a patch.

I was not aware that the stylesheet engine was oracle based as is
indicated here though, one of the things that I had assumed from talks
with google support was that theirs was not a complete xslt 1.0
implementation - based on my asking for document function support and
being told that it supported all the functions that it needed to do
its job - which sounded like a no to me.


I wish we could discuss the google search appliance's XSL other than generalities. I think it [expletive deleted]. The XML is fine, though not very descriptive. I don't understand why such a simple thing needs to be secret. (Maybe because it is lame?) (Can I be sued for these statements?)

What I do (and it eliminates the bug) is use a servlet filter to get the form submission, form a query to submit to the appliance and get the results backs as XML to do with what I may.

best,
-Rob

Current Thread

PURCHASE STYLUS STUDIO ONLINE TODAY!

Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced!

Buy Stylus Studio Now

Download The World's Best XML IDE!

Accelerate XML development with our award-winning XML IDE - Download a free trial today!

Don't miss another message! Subscribe to this list today.
Email
First Name
Last Name
Company
Subscribe in XML format
RSS 2.0
Atom 0.3
Site Map | Privacy Policy | Terms of Use | Trademarks
Free Stylus Studio XML Training:
W3C Member
Stylus Studio® and DataDirect XQuery ™are products from DataDirect Technologies, is a registered trademark of Progress Software Corporation, in the U.S. and other countries. © 2004-2013 All Rights Reserved.