Home » Story links » Param's story links

Pentesting Java J2EE - Discovering Remote Holes [ PDF ]

Link: http://www.secguru.com/files/hitbsecconf2006kl/DAY 1 - Marc ...
Points: 558 views User: Param Comments: 0 Comments Tag:

Java/J2EE is a widely used industry standard for business applications, although designed with security in mind, flaws in the J2EE framework implementation may lead to holes in the J2EE protection model. This is especially a problem when remote attackers are allowed to influence control flow on the server.

This talk addresses the root causes for this problem such as flaws the underlying JRE. Demonstrating these bugs aims to educate system and application developers to code their own classes and therefore get less vulnerable J2EE servers and applications in the future.


Email: Email this Story to a Friend

Post new comment

  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <h1> <quote> <img>
  • Lines and paragraphs break automatically.

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
Image CAPTCHA
Copy the characters (respecting upper/lower case) from the image.