SoylentNews
SoylentNews is people
https://soylentnews.org/

Title    Secure Apps Exposed to Hacking via Flaws in Underlying Programming Languages
Date    Tuesday December 12 2017, @03:51AM
Author    takyon
Topic   
from the fuzzy-illogic dept.
https://soylentnews.org/article.pl?sid=17/12/12/0331216

MrPlow writes:

Submitted via IRC for SoyCow8317

Research presented this week at the Black Hat Europe 2017 security conference has revealed that several popular interpreted programming languages are affected by severe vulnerabilities that expose apps built on these languages to attacks.

The author of this research is IOActive Senior Security Consultant Fernando Arnaboldi. The expert says he used an automated software testing technique named fuzzing to identify vulnerabilities in the interpreters of five of today's most popular programming languages: JavaScript, Perl, PHP, Python, and Ruby.

[...] The researcher released XDiFF as an open source project on GitHub. A more detailed presentation of the testing procedure and all the vulnerabilities is available in Arnaboldi's research paper named "Exposing Hidden Exploitable Behaviors in Programming Languages Using Differential Fuzzing."

Source: https://www.bleepingcomputer.com/news/security/secure-apps-exposed-to-hacking-via-flaws-in-underlying-programming-languages/

Original Submission

Links
  1. "MrPlow" - https://soylentnews.org/~MrPlow/
  2. "on GitHub" - https://github.com/IOActive/XDiFF
  3. "Exposing Hidden Exploitable Behaviors in Programming Languages Using Differential Fuzzing" - https://www.blackhat.com/docs/eu-17/materials/eu-17-Arnaboldi-Exposing-Hidden-Exploitable-Behaviors-In-Programming-Languages-Using-Differential-Fuzzing-wp.pdf
  4. "Original Submission" - https://soylentnews.org/submit.pl?op=viewsub&subid=23756
© Copyright 2024 - SoylentNews, All Rights Reserved

printed from SoylentNews, Secure Apps Exposed to Hacking via Flaws in Underlying Programming Languages on 2024-04-23 06:55:28