OWASP Night 2019-03-11 / OWASP Japan
![Node.jsセキュリティ](https://cdn-ak-scissors.b.st-hatena.com/image/square/7916ad80bc833cd3b629b73dcb33c1353011deee/height=288;version=1;width=512/https%3A%2F%2Ffiles.speakerdeck.com%2Fpresentations%2Ff97ef03a3ac44a8f84ab057d024826b8%2Fslide_0.jpg%3F12050067)
1. はじめに 最近わけあってNodeのセキュリティ調査をしているのですが、今年の5月に開催された North Sec 2018 でセキュリティ研究者の Olivier Arteau 氏による 「Prototype pollution attacks in NodeJS applications」という面白い発表を見つけました。 この発表の論文や発表資料、デモ動画などもgithubで公開されていますし、ちょうどタイミングよくセッション動画も最近公開されました。 github.com Olivier Arteau -- Prototype pollution attacks in NodeJS applications この発表で解説されているのは、悪意のある攻撃者が、JavaScript言語固有のプロトタイプチェーンの挙動を利用して、Webサーバを攻撃する方法です。 発表者は、npmからダ
(Update 28-March-2018) Security releases available Summary Updates are now available for all active Node.js release lines. These include the fix for the vulnerabilities identified in the initial announcement (below). In addition to the vulnerabilities in the initial announcement, we have also included a fix for a vulnerability in the Node.js inspector functionality. This is described in detail bel
Node.js のセキュリティアップデート 7/11 に Node.js のセキュリティアップデートがリリースされました。 Security updates for all active release lines, July 2017 | Node.js これには複数の脆弱性が報告されており、今回はそのうちの1つの Hash flooding DoS という脆弱性が何なのか、それに対して採用された対策が何なのかについてお話します。 Hash flooding DoS (hashdos) Denial Of Service 、つまりサービス拒否攻撃の一種です。 JavaScript のオブジェクトは内部的にハッシュテーブルとして表現されています。 図はこちらから引用 ハッシュ関数は同じkeyなら同じ値を返しますが、別なkeyなら通常は別な値になります。 ハッシュテーブルのinsert, g
Security updates for all active release lines, July 2017 (Update 10-August-2017) Snapshots Re-enabled on 8.3.0 The vulnerability has been patched upstream and snapshots have been re-enabled in 8.3.0 Expect a backport and update with the next release of 6.x Download Node.js v8 (Current) (Update 11-July-2017) Security releases available Summary Updates are now available for all active Node.js releas
This webpage was generated by the domain owner using Sedo Domain Parking. Disclaimer: Sedo maintains no relationship with third party advertisers. Reference to any specific service or trade mark is not controlled by Sedo nor does it constitute or imply its association, endorsement or recommendation.
Remotely send Chrome and Node.js into infinite loops via this one weird OSX kernel bug By Kenton Varda - 08 Apr 2015 A few months ago I discovered a security bug in the Darwin kernel used by most Apple products. The bug could allow an attacker to trivially remotely DoS a variety of network services and apps, from Node.js to Chrome. Today, Apple released a patch (look for CVE-2015-1105), so now I c
This is a republished blog post by Gergely Nemeth from RisingStack. They do Full Stack Javascript Development and Consulting. Gergely loves contributing to open-source projects like node-restify, organizing conferences, DevOps, Microservices and cycling. You can find his original article here. Node.js is getting more and more mature, no doubt - despite this, not a lot of security guidelines are ou
README.md Google recently announced that there is an exploit in SSLv3, this vulnerability is know as POODLE. There is no other option than to disable SSLv3 in order to combat this major flaw. There have already been guides on how to disable this in different servers. But nothing excised for Node.js yet, until now. In order to resolve this for Node.js we need to use various of undocumented options
V8 Memory Corruption and Stack Overflow (fixed in Node v0.8.28 and v0.10.30) A memory corruption vulnerability, which results in a denial-of-service, was identified in the versions of V8 that ship with Node.js 0.8 and 0.10. In certain circumstances, a particularly deep recursive workload that may trigger a GC and receive an interrupt may overflow the stack and result in a segmentation fault. For i
JavaScript Summit 2014 (http://environmentsforhumans.com/2014/javascript-summit/) Fluent Conference 2014 (http://fluentconf.com/fluent2014/public/sched…
tl;dr A carefully crafted attack request can cause the contents of the HTTP parser's buffer to be appended to the attacking request's header, making it appear to come from the attacker. Since it is generally safe to echo back contents of a request, this can allow an attacker to get an otherwise correctly designed server to divulge information about other requests. It is theoretically possible that
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
処理を実行中です
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く