SECURITY: Arbitrary binary deserialization leading to a variety of security impacts in restlet #778

Closed
thboileau opened this Issue Aug 22, 2013 · 1 comment

@thboileau
Member

thboileau commented Aug 22, 2013

Reported by David Jorm:
A remote attacker could use this flaw to trigger the execution of the deserialization methods in any serializable class deployed on the server. This could lead to a variety of security impacts depending on the deserialization logic of these classes.

This might sound innocuous at first, but it is surprisingly common for classes to implement their own deserialization methods which are not secure when an attacker can call them with an arbitrary crafted instance of the object. This article provides a good explanation of the issue, and a solution to it:

http://www.ibm.com/developerworks/library/se-lookahead/
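The "look-ahead" technique the linked article describes, as an added example that is not Restlet's code or part of the original issue: an ObjectInputStream subclass overrides resolveClass() so that every class descriptor is checked against an allowlist before any instance is allocated, which means a class not on the list is rejected before its own readObject() hook can run. The class names LookAheadDemo, Greeting and SideEffectOnLoad, the allowlist contents and the serialized payload are all constructed for the example.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InvalidClassException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.ObjectStreamClass;
import java.io.Serializable;
import java.util.Collections;
import java.util.Set;

public class LookAheadDemo {

    /** The one class this endpoint legitimately expects to receive (constructed for the example). */
    public static class Greeting implements Serializable {
        private static final long serialVersionUID = 1L;
        public final String text;
        public Greeting(String text) { this.text = text; }
    }

    /**
     * Stand-in for "any serializable class deployed on the server" that defines its own
     * deserialization hook. Here readObject() only counts its invocations; on a real
     * classpath such a hook might touch the file system, the network, or reflection.
     */
    public static class SideEffectOnLoad implements Serializable {
        private static final long serialVersionUID = 1L;
        static int timesDeserialized = 0;
        private void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException {
            in.defaultReadObject();
            timesDeserialized++;   // attacker-reachable code path
        }
    }

    /**
     * Look-ahead deserialization: the JDK calls resolveClass() for each class descriptor
     * it reads, before instantiating the object, so a disallowed class is refused
     * before its readObject() can execute.
     */
    public static class LookAheadObjectInputStream extends ObjectInputStream {
        private final Set<String> allowed;

        public LookAheadObjectInputStream(InputStream in, Set<String> allowed) throws IOException {
            super(in);
            this.allowed = allowed;
        }

        @Override
        protected Class<?> resolveClass(ObjectStreamClass desc) throws IOException, ClassNotFoundException {
            if (!allowed.contains(desc.getName())) {
                throw new InvalidClassException(desc.getName(), "Unauthorized deserialization attempt");
            }
            return super.resolveClass(desc);
        }
    }

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream oos = new ObjectOutputStream(bos)) { oos.writeObject(o); }
        return bos.toByteArray();
    }

    public static void main(String[] args) throws Exception {
        // Constructed payload: not the class the endpoint expects, but any class on the classpath.
        byte[] payload = serialize(new SideEffectOnLoad());
        Set<String> allowlist = Collections.singleton(Greeting.class.getName());

        // Unrestricted stream (the situation the report describes): the hook runs.
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(payload))) {
            in.readObject();
        }
        System.out.println("plain ObjectInputStream: hook ran " + SideEffectOnLoad.timesDeserialized + " time(s)");

        // Look-ahead stream: rejected before readObject() of the payload class executes.
        try (ObjectInputStream in = new LookAheadObjectInputStream(new ByteArrayInputStream(payload), allowlist)) {
            in.readObject();
            System.out.println("look-ahead: unexpectedly accepted");
        } catch (InvalidClassException e) {
            System.out.println("look-ahead: rejected " + e.classname
                    + " (hook ran " + SideEffectOnLoad.timesDeserialized + " time(s) in total)");
        }

        // The expected class still round-trips through the restricted stream.
        byte[] expected = serialize(new Greeting("hi"));
        try (ObjectInputStream in = new LookAheadObjectInputStream(new ByteArrayInputStream(expected), allowlist)) {
            System.out.println("look-ahead: accepted Greeting with text=" + ((Greeting) in.readObject()).text);
        }
    }
}
```

The allowlist has to be a strict list of the concrete classes the endpoint is designed to accept; a denylist of "known bad" classes does not close the issue, because the report's point is that any serializable class on the server's classpath is reachable. On Java 9 and later the same check can be expressed with the standard ObjectInputFilter API (ObjectInputStream.setObjectInputFilter) instead of a resolveClass() override.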

@ghost ghost assigned thboileau Aug 22, 2013

thboileau added a commit that referenced this issue Aug 22, 2013

thboileau added a commit that referenced this issue Sep 6, 2013

Fixed issues #774, #778 - Removed default support of JavaBeans XML-deserialization, binary-deserialization on ObjectRepresentation class. Reported by David Jorm.

@jlouvel

Member

jlouvel commented Sep 19, 2013

Thierry, can we close this issue?
