Command line apps: An unexpected source of untrusted input

Name: Command line apps: An unexpected source of untrusted input
Start: 2023-05-10T18:00:00+10:00
End: 2023-05-10T19:30:00+10:00
Location: ACS Victoria

Hosted by Dan T. and Gyle d.

OWASP Melbourne - Application Security

Details

Welcome to our first flagship talk of 2023 on Wednesday, May 10th!

Prepare for an adventure into unexpected source of untrusted user input - a key source of vulnerabilities in many apps. Even the terminal you use daily isn't safe.

Our speaker this month, David has found and patched CVEs in the Linux Kernel, and has presented at various conferences leading conference, amongst other notable things. At this meetup, he will be sharing with us some of his latest work, and how to defend against these issues.

Talk
Command line apps: An unexpected source of untrusted input
by David Leadbeater

Abstract
Terminals are something many technical users use everyday. They can support colour and even images. The more fancy they get, the more chance there is for vulnerabilities. This talk will detail several different classes of vulnerabilities using some past examples and some examples I’ve found. More importantly it will look at how to defend against these problems and why it’s always DNS.

The Schedule ( Melbourne Time )
--------------------------------------------
17:45 hrs - Doors open - Come join us and mingle.
18:00 hrs - Welcome, chapter updates, and introductions.
18:10 hrs - Command line apps: An unexpected source of untrusted input by David
19:00 hrs - Food and chats.
19:30 hrs - Vacate the space.

Sponsors
--------------
We thank the Australian Computing Society (ACS) Victoria Branch for kindly hosting us.

We thank Secure Code Warrior for the food and non-alcoholic refreshments.

If you or your organisation is keen to sponsor a future meetup, please email us at [melbourne-chapter@owasp.org](mailto:melbourne-chapter@owasp.org). Thank you.

Other Information
------------------------
What is OWASP?
The Open Web Application Security Project® (OWASP) is a volunteer-run, nonprofit foundation that works to improve the security of software. Through community-led open source software projects, hundreds of local chapters worldwide, tens of thousands of members, and leading educational and training conferences, the OWASP Foundation is the source for developers and technologists to secure the web.

Find out more?
Meetup.com Page: https://www.meetup.com/Application-Security-OWASP-Melbourne/
About the Chapter: https://owasp.org/www-chapter-melbourne/
Join the AppSec ANZ Discord: https://discord.gg/uAWze2B

These events are made possible by our OWASP Foundation members, and sponsors. If you like what we do, please sign up for a Foundation membership at
https://owasp.org/membership/

Please note that if you need proof of attendance for CPD hours (AISA, ACS, etc.), please ensure that your name and email on the RSVP matches your membership details.

OWASP Melbourne - Application Security

Command line apps: An unexpected source of untrusted input

OWASP Melbourne - Application Security

Details

Related topics

You may also like