XML and SOAP attacks

In 2002-2003 I researched the security of XML (including XPath) and SOAP formats.

The research resulted in the following:

 

Whitepaper:

Blind XPath Injection, (May 2004)

 

Advisories:

BugTraq BID 11384, CVE-2003-0718, Microsoft security bulletin MS04-030

Products affected: Microsoft IIS/5.0, IIS/5.1 and IIS/6.0

 

BugTraq BID 11312, CVE-2004-1575

Products affected: Apache Xerces-C++ 2.5.0

 

BugTraq BID 9877CVE-2004-1815, CVE-2004-1816

Products affected: Macromedia ColdFusion/MX, Macromedia JRun, Sun Java System Application Server

 

BugTraq BID 9204

Products affected: IBM WebSphere 5.0.0, Microsoft ASP.NET

 

BugTraq BID 9185

Products affected: Microsoft ASP.NET, IBM WebSphere, Macromedia ColdFusion/MX, Macromedia JRun

 

BugTraq BID 6398, BugTraq BID 6378, BugTraq BID 6363, BugTraq BID 9703, CVE-2004-2244

Affected products: Apache Axis, IBM WebSphere, BEA WebLogic, Sun Microsystems SunONE WebServer, Sybase EAServer, Macromedia ColdFusion/MX, Macromedia JRun, HP server, Oracle 9iAS