A Small Chain of Security Bugs Gone Astray (AKA why XSS can be worse than you think)

Presented at WAHCKon 2013, May 4, 2013, 9:25 a.m. (35 minutes)

Security bugs can range in damage from small stuff, all the way to big stuff. Some people only focus on the large stuff, and the smaller stuff can go unnoticed. This talk will give a real world example of a project that had a small bug, that allowed a larger bug to happen, which allowed a larger bug, which ... BAM ... shell Speaker Origin: New Zealand Bio: Studied at Victoria University of Wellington, graduating with a ME in Software Engineering this May. Worked for a year and a half at a Wellington software development company, and was involved on the security team of a small open source project. Recently moved to a Wellington security consultant firm.

Presenters:

• Hugh Davenport - Hails from New Zealand
  Studied at Victoria University of Wellington, graduating with a ME in Software Engineering this May. Worked for a year and a half at a Wellington software development company, and was involved on the security team of a small open source project. Recently moved to a Wellington security consultant firm.

Similar Presentations:

• LocoMocoSec 2019 / Bug bounty botox: how to spot good security DNA & prevention from cosmetic security