Difference between revisions of "ASDR TOC Vulnerabilities"

From OWASP
Line 43: Line 43:
 
# [[Doubly freeing memory]]
 
# [[Doubly freeing memory]]
 
# [[Duplicate key in associative list (alist)]]
 
# [[Duplicate key in associative list (alist)]]
# [[Early Amplification]]
 
 
# [[EJB Bad Practices: Use of AWT/Swing]]
 
# [[EJB Bad Practices: Use of AWT/Swing]]
 
# [[EJB Bad Practices: Use of Class Loader]]
 
# [[EJB Bad Practices: Use of Class Loader]]
Line 51: Line 50:
 
# [[Empty Catch Block]]
 
# [[Empty Catch Block]]
 
# [[Empty String Password]]
 
# [[Empty String Password]]
# [[Error Conditions, Return Values, Status Codes]]
 
# [[Error Message Infoleaks]]
 
# [[Escape, Meta, or Control Character / Sequence]]
 
# [[Expected behavior violation]]
 
# [[External behavioral inconsistency infoleak]]
 
# [[External initialization of trusted variables or values]]
 
# [[Extra Parameter Error]]
 
 
# [[Extra Special Element]]
 
# [[Extra Special Element]]
# [[Extra Unhandled Features]]
 
# [[Extra Value Error]]
 
# [[Fails poorly due to insufficient permissions]]
 
 
# [[Failure of true random number generator]]
 
# [[Failure of true random number generator]]
 
# [[Failure to account for default case in switch]]
 
# [[Failure to account for default case in switch]]
Line 78: Line 67:
 
# [[File Access Race Condition: TOCTOU]]
 
# [[File Access Race Condition: TOCTOU]]
 
# [[Format String]]
 
# [[Format String]]
# [[General Special Element Problems]]
 
# [[Grouping Element / Paired Delimiter]]
 
 
# [[Guessed or visible temporary file]]
 
# [[Guessed or visible temporary file]]
 
# [[Hard-Coded Password]]
 
# [[Hard-Coded Password]]
Line 88: Line 75:
 
# [[Improper cleanup on thrown exception]]
 
# [[Improper cleanup on thrown exception]]
 
# [[Improper error handling]]
 
# [[Improper error handling]]
# [[Improper Handler Deployment]]
 
# [[Improper Null Termination]]
 
# [[Improper resource shutdown or release]]
 
 
# [[Improper string length checking]]
 
# [[Improper string length checking]]
 
# [[Improper temp file opening]]
 
# [[Improper temp file opening]]
# [[Improperly Implemented Security Check for Standard]]
 
# [[Improperly Trusted Reverse DNS]]
 
# [[Improperly Verified Signature]]
 
# [[Incomplete Blacklist]]
 
# [[Incomplete Cleanup]]
 
# [[Incomplete Element]]
 
# [[Incomplete Internal State Distinction]]
 
# [[Inconsistent Implementations]]
 
# [[Inconsistent Special Elements]]
 
 
# [[Incorrect block delimitation]]
 
# [[Incorrect block delimitation]]
# [[Incorrect initialization]]
 
# [[Incorrect Privilege Assignment]]
 
# [[Infoleak Using Debug Information]]
 
# [[Information Leak (information disclosure)]]
 
 
# [[Information leak through class cloning]]
 
# [[Information leak through class cloning]]
 
# [[Information leak through serialization]]
 
# [[Information leak through serialization]]
# [[Information loss or omission]]
 
# [[Initialization and Cleanup Errors]]
 
 
# [[Injection problem]]
 
# [[Injection problem]]
# [[Input Terminator]]
 
 
# [[Insecure Compiler Optimization]]
 
# [[Insecure Compiler Optimization]]
# [[Insecure Default Permissions]]
 
# [[Insecure default variable initialization]]
 
# [[Insecure execution-assigned permissions]]
 
# [[Insecure inherited permissions]]
 
# [[Insecure preserved inherited permissions]]
 
 
# [[Insecure Randomness]]
 
# [[Insecure Randomness]]
 
# [[Insecure Temporary File]]
 
# [[Insecure Temporary File]]
 
# [[Insecure Third Party Domain Access]]
 
# [[Insecure Third Party Domain Access]]
# [[Installation Issues]]
 
 
# [[Insufficient Entropy]]
 
# [[Insufficient Entropy]]
 
# [[Insufficient entropy in pseudo-random number generator]]
 
# [[Insufficient entropy in pseudo-random number generator]]
# [[Insufficient privileges]]
 
# [[Insufficient Resource Locking]]
 
# [[Insufficient Resource Pool]]
 
# [[Insufficient Type Distinction]]
 
# [[Insufficient UI warning of dangerous operations]]
 
# [[Insufficient Verification of Data]]
 
 
# [[Integer coercion error]]
 
# [[Integer coercion error]]
 
# [[Integer overflow]]
 
# [[Integer overflow]]
# [[Intended information leak]]
 
# [[Interaction Errors]]
 
# [[Internal behavioral inconsistency infoleak]]
 
# [[Internal Special Element]]
 
# [[Invalid Characters in Identifiers]]
 
 
# [[Invoking untrusted mobile code]]
 
# [[Invoking untrusted mobile code]]
 
# [[J2EE Bad Practices: getConnection()]]
 
# [[J2EE Bad Practices: getConnection()]]
Line 143: Line 94:
 
# [[J2EE Bad Practices: Sockets]]
 
# [[J2EE Bad Practices: Sockets]]
 
# [[J2EE Bad Practices: System.exit()]]
 
# [[J2EE Bad Practices: System.exit()]]
# [[J2EE Bad Practices: Threads]]
 
 
# [[J2EE Misconfiguration: Insecure Transport]]
 
# [[J2EE Misconfiguration: Insecure Transport]]
 
# [[J2EE Misconfiguration: Insufficient Session-ID Length]]
 
# [[J2EE Misconfiguration: Insufficient Session-ID Length]]
Line 149: Line 99:
 
# [[J2EE Misconfiguration: Unsafe Bean Declaration]]
 
# [[J2EE Misconfiguration: Unsafe Bean Declaration]]
 
# [[J2EE Misconfiguration: Weak Access Permissions]]
 
# [[J2EE Misconfiguration: Weak Access Permissions]]
# [[J2EE Time and State Issues]]
 
 
# [[Key exchange without entity authentication]]
 
# [[Key exchange without entity authentication]]
# [[Key management errors]]
 
# [[Leading Special Element]]
 
 
# [[Least Privilege Violation]]
 
# [[Least Privilege Violation]]
 
# [[Leftover Debug Code]]
 
# [[Leftover Debug Code]]
# [[Length Parameter Inconsistency]]
 
# [[Line Delimiter]]
 
 
# [[Log Forging]]
 
# [[Log Forging]]
 
# [[Log injection]]
 
# [[Log injection]]
# [[Mac virtual file problems]]
 
# [[Macro symbol]]
 
 
# [[Member Field Race Condition]]
 
# [[Member Field Race Condition]]
 
# [[Memory leak]]
 
# [[Memory leak]]
 
# [[Miscalculated null termination]]
 
# [[Miscalculated null termination]]
# [[Misinterpretation error]]
 
 
# [[Misinterpreted function return value]]
 
# [[Misinterpreted function return value]]
# [[Missing access control]]
 
# [[Missing critical step in authentication]]
 
# [[Missing element error]]
 
# [[Missing error status code]]
 
# [[Missing handler]]
 
# [[Missing initialization]]
 
# [[Missing lock check]]
 
 
# [[Missing parameter]]
 
# [[Missing parameter]]
# [[Missing required cryptographic step]]
 
# [[Missing special element]]
 
# [[Missing value error]]
 
 
# [[Missing XML Validation]]
 
# [[Missing XML Validation]]
# [[Mixed encoding]]
 
# [[Modification of assumed-immutable data]]
 
# [[Multiple failed authentication attempts not prevented]]
 
# [[Multiple internal special element]]
 
# [[Multiple interpretation error (MIE)]]
 
# [[Multiple interpretations of UI input]]
 
# [[Multiple Leading Special Elements]]
 
# [[Multiple Trailing Special Elements]]
 
 
# [[Mutable object returned]]
 
# [[Mutable object returned]]
# [[Mutable objects passed by reference]]
 
# [[No authentication for critical function]]
 
 
# [[Non-cryptographic pseudo-random number generator]]
 
# [[Non-cryptographic pseudo-random number generator]]
# [[Non-exit on failed initialization]]
 
# [[Non-replicating]]
 
 
# [[Not allowing password aging]]
 
# [[Not allowing password aging]]
 
# [[Not using a random initialization vector with cipher block chaining mode]]
 
# [[Not using a random initialization vector with cipher block chaining mode]]
# [[Null character / null byte]]
 
 
# [[Null Dereference]]
 
# [[Null Dereference]]
# [[Numeric Byte Ordering Error]]
 
# [[Numeric Errors]]
 
 
# [[Object Model Violation: Just One of equals() and hashCode() Defined]]
 
# [[Object Model Violation: Just One of equals() and hashCode() Defined]]
# [[Obscured Security-relevant Information by Alternate Name]]
 
# [[Obsolete feature in UI]]
 
# [[Off-by-one Error]]
 
 
# [[Often Misused: Authentication]]
 
# [[Often Misused: Authentication]]
 
# [[Often Misused: Exception Handling]]
 
# [[Often Misused: Exception Handling]]
 
# [[Often Misused: File System]]
 
# [[Often Misused: File System]]
# [[Often Misused: Path Manipulation]]
 
 
# [[Often Misused: Privilege Management]]
 
# [[Often Misused: Privilege Management]]
 
# [[Often Misused: String Management]]
 
# [[Often Misused: String Management]]
# [[Omission of Security-relevant Information]]
 
 
# [[Omitted break statement]]
 
# [[Omitted break statement]]
 
# [[Open forward]]
 
# [[Open forward]]
 
# [[Open redirect]]
 
# [[Open redirect]]
# [[Origin Validation Error]]
 
# [[Other length calculation error]]
 
# [[Out-of-bounds Read]]
 
 
# [[Overflow of static internal buffer]]
 
# [[Overflow of static internal buffer]]
# [[Overly Restrictive Regular Expression]]
 
 
# [[Overly-Broad Catch Block]]
 
# [[Overly-Broad Catch Block]]
 
# [[Overly-Broad Throws Declaration]]
 
# [[Overly-Broad Throws Declaration]]
# [[Ownership errors]]
 
# [[Parameter Problems]]
 
# [[Partial Comparison]]
 
 
# [[Passing mutable objects to an untrusted method]]
 
# [[Passing mutable objects to an untrusted method]]
 
# [[Password Management: Hardcoded Password]]
 
# [[Password Management: Hardcoded Password]]
 
# [[Password Management: Weak Cryptography]]
 
# [[Password Management: Weak Cryptography]]
 
# [[Password Plaintext Storage]]
 
# [[Password Plaintext Storage]]
# [[Patch Issues]]
 
# [[Path Equivalence]]
 
# [[Path Issue - asterisk wildcard - filedir*]]
 
# [[Path Issue - backslash absolute path - /absolute/pathname/here]]
 
# [[Path Issue - directory doubled dot dot backslash]]
 
# [[Path Issue - directory doubled dot dot slash]]
 
# [[Path Issue - dirname/fakechild/]]
 
# [[Path Issue - dot dot backslash]]
 
# [[Path Issue - doubled dot dot slash]]
 
# [[Path Issue - doubled triple dot slash]]
 
# [[Path Issue - drive letter or Windows volume - 'C:dirname']]
 
# [[Path Issue - internal dot - 'file.ordir']]
 
# [[Path Issue - internal space - file(SPACE)name]]
 
# [[Path Issue - leading directory dot dot backslash]]
 
# [[Path Issue - leading directory dot dot slash]]
 
# [[Path Issue - leading dot dot backslash]]
 
# [[Path Issue - leading dot dot slash]]
 
# [[Path Issue - leading space]]
 
# [[Path Issue - multiple dot]]
 
# [[Path Issue - multiple internal backslash]]
 
# [[Path Issue - multiple leading slash]]
 
# [[Path Issue - multiple trailing dot]]
 
# [[Path Issue - multiple trailing slash]]
 
# [[Path Issue - single dot directory]]
 
# [[Path Issue - slash absolute path]]
 
# [[Path Issue - trailing backslash]]
 
# [[Path Issue - trailing dot]]
 
# [[Path Issue - trailing slash]]
 
# [[Path Issue - trailing space]]
 
# [[Path Issue - triple dot]]
 
# [[Path Issue - Windows 8.3 Filename]]
 
# [[Path Issue - Windows UNC share - '/UNC/share/name/']]
 
# [[Pathname Traversal and Equivalence Errors]]
 
# [[Permission errors]]
 
# [[Permission preservation failure]]
 
# [[Permissions, Privileges, and ACLs]]
 
# [[Permissive Whitelist]]
 
# [[PHP External Variable Modification]]
 
 
# [[PHP File Inclusion]]
 
# [[PHP File Inclusion]]
# [[Plaintext Storage in Cookie]]
 
# [[Plaintext Storage in Executable]]
 
# [[Plaintext Storage in File or on Disk]]
 
# [[Plaintext Storage in GUI]]
 
# [[Plaintext Storage in Memory]]
 
# [[Plaintext Storage of Sensitive Information]]
 
# [[Pointer Issues]]
 
 
# [[Poor Logging Practice: Logger Not Declared Static Final]]
 
# [[Poor Logging Practice: Logger Not Declared Static Final]]
 
# [[Poor Logging Practice: Multiple Loggers]]
 
# [[Poor Logging Practice: Multiple Loggers]]
Line 280: Line 140:
 
# [[Poor Style: Identifier Contains Dollar Symbol ($)]]
 
# [[Poor Style: Identifier Contains Dollar Symbol ($)]]
 
# [[Portability Flaw]]
 
# [[Portability Flaw]]
# [[Porting Issues]]
 
# [[Predictability problems]]
 
# [[Predictable Exact Value from Previous Values]]
 
# [[Predictable from Observable State]]
 
# [[Predictable Seed in PRNG]]
 
# [[Predictable Value Range from Previous Values]]
 
 
# [[Privacy Violation]]
 
# [[Privacy Violation]]
# [[Private Array-Typed Field Returned From A Public Method]]
 
# [[Privilege / sandbox errors]]
 
# [[Privilege Chaining]]
 
# [[Privilege Context Switching Error]]
 
# [[Privilege Dropping / Lowering Errors]]
 
# [[Privilege Management Error]]
 
 
# [[PRNG Seed Error]]
 
# [[PRNG Seed Error]]
 
# [[Process Control]]
 
# [[Process Control]]
# [[Process information infoleak to other processes]]
 
# [[Product UI does not warn user of unsafe actions]]
 
# [[Product-External Error Message Infoleak]]
 
# [[Product-Generated Error Message Infoleak]]
 
# [[Proxied Trusted Channel]]
 
# [[Public Data Assigned to Private Array-Typed Field]]
 
 
# [[Publicizing of private data when using inner classes]]
 
# [[Publicizing of private data when using inner classes]]
# [[Quoting Element]]
 
# [[Race condition enabling link following]]
 
 
# [[Race condition in checking for certificate revocation]]
 
# [[Race condition in checking for certificate revocation]]
 
# [[Race condition in signal handler]]
 
# [[Race condition in signal handler]]
Line 309: Line 149:
 
# [[Race condition within a thread]]
 
# [[Race condition within a thread]]
 
# [[Race Conditions]]
 
# [[Race Conditions]]
# [[Randomness and Predictability]]
 
# [[Record Delimiter]]
 
 
# [[Reflection attack in an auth protocol]]
 
# [[Reflection attack in an auth protocol]]
 
# [[Reflection injection]]
 
# [[Reflection injection]]
# [[Regular Expression Error]]
 
 
# [[Relative path library search]]
 
# [[Relative path library search]]
 
# [[Reliance on data layout]]
 
# [[Reliance on data layout]]
 
# [[Relying on package-level scope]]
 
# [[Relying on package-level scope]]
# [[Representation Errors]]
 
# [[Requirements Issues]]
 
 
# [[Resource exhaustion]]
 
# [[Resource exhaustion]]
# [[Resource leaks]]
 
# [[Resource Locking problems]]
 
# [[Resource Management Errors]]
 
# [[Response discrepancy infoleak]]
 
 
# [[Return Inside Finally Block]]
 
# [[Return Inside Finally Block]]
 
# [[Reusing a nonce, key pair in encryption]]
 
# [[Reusing a nonce, key pair in encryption]]
# [[Reversible One-Way Hash]]
 
# [[Same Seed in PRNG]]
 
# [[Section Delimiter]]
 
# [[Sensitive Data Under FTP Root]]
 
# [[Sensitive Data Under Web Root]]
 
# [[Sensitive Information Uncleared Before Use]]
 
# [[Session Fixation]]
 
 
# [[Sign extension error]]
 
# [[Sign extension error]]
# [[Signal Errors]]
 
 
# [[Signed to unsigned conversion error]]
 
# [[Signed to unsigned conversion error]]
# [[Small Seed Space in PRNG]]
 
# [[Small Space of Random Values]]
 
 
# [[Stack overflow]]
 
# [[Stack overflow]]
 
# [[State synchronization error]]
 
# [[State synchronization error]]
# [[Static Value in Unpredictable Context]]
 
 
# [[Storing passwords in a recoverable format]]
 
# [[Storing passwords in a recoverable format]]
 
# [[String Termination Error]]
 
# [[String Termination Error]]
 
# [[Struts: Duplicate Validation Forms]]
 
# [[Struts: Duplicate Validation Forms]]
 
# [[Struts: Erroneous validate() Method]]
 
# [[Struts: Erroneous validate() Method]]
# [[Struts: Form Bean Does Not Extend Validation Class]]
 
 
# [[Struts: Form Does Not Extend Validation Class]]
 
# [[Struts: Form Does Not Extend Validation Class]]
 
# [[Struts: Form Field Without Validator]]
 
# [[Struts: Form Field Without Validator]]
Line 353: Line 172:
 
# [[Struts: Validator Turned Off]]
 
# [[Struts: Validator Turned Off]]
 
# [[Struts: Validator Without Form Field]]
 
# [[Struts: Validator Without Form Field]]
# [[Substitution Character]]
 
 
# [[Symbolic name not mapping to correct object]]
 
# [[Symbolic name not mapping to correct object]]
# [[System Configuration Issues]]
 
 
# [[System Information Leak]]
 
# [[System Information Leak]]
 
# [[System Information Leak: Missing Catch Block]]
 
# [[System Information Leak: Missing Catch Block]]
# [[System Operations Issues]]
 
# [[Technology-specific Environment Issues]]
 
# [[Technology-Specific Input Validation Problems]]
 
# [[Technology-Specific Special Elements]]
 
# [[Technology-Specific Time and State Issues]]
 
 
# [[Template:Vulnerability]]
 
# [[Template:Vulnerability]]
# [[Temporary File Issues]]
 
# [[Testing Issues]]
 
# [[The UI performs the wrong action]]
 
# [[Time and State]]
 
# [[Time of check, time of use race condition]]
 
# [[Time of Introduction]]
 
# [[Time-of-check Time-of-use race condition]]
 
# [[Timing discrepancy infoleak]]
 
# [[Trailing Special Element]]
 
# [[Trapdoor]]
 
 
# [[Truncation error]]
 
# [[Truncation error]]
# [[Truncation of Security-relevant Information]]
 
 
# [[Trust Boundary Violation]]
 
# [[Trust Boundary Violation]]
 
# [[Trust of system event data]]
 
# [[Trust of system event data]]
 
# [[Trusting self-reported DNS name]]
 
# [[Trusting self-reported DNS name]]
 
# [[Trusting self-reported IP address]]
 
# [[Trusting self-reported IP address]]
# [[UI Misrepresentation of Critical Information]]
 
 
# [[Uncaught exception]]
 
# [[Uncaught exception]]
 
# [[Unchecked array indexing]]
 
# [[Unchecked array indexing]]
 
# [[Unchecked Return Value: Missing Check against Null]]
 
# [[Unchecked Return Value: Missing Check against Null]]
# [[Uncontrolled Search Path Element]]
 
 
# [[Undefined Behavior]]
 
# [[Undefined Behavior]]
# [[Undefined Parameter Error]]
 
# [[Undefined Value Error]]
 
# [[Unexpected Status Code or Return Value]]
 
# [[Unimplemented or unsupported feature in UI]]
 
 
# [[Uninitialized Variable]]
 
# [[Uninitialized Variable]]
# [[Unintended proxy/intermediary]]
 
 
# [[Unintentional pointer scaling]]
 
# [[Unintentional pointer scaling]]
# [[UNIX file descriptor leak]]
 
# [[UNIX hard link]]
 
# [[UNIX Path Link problems]]
 
# [[UNIX symbolic link (symlink) following]]
 
# [[Unparsed Raw Web Content Delivery]]
 
# [[Unprotected Alternate Channel]]
 
# [[Unprotected Primary Channel]]
 
# [[Unquoted Search Path or Element]]
 
 
# [[Unreleased Resource]]
 
# [[Unreleased Resource]]
# [[Unrestricted Critical Resource Lock]]
 
 
# [[Unrestricted File Upload]]
 
# [[Unrestricted File Upload]]
 
# [[Unsafe function call from a signal handler]]
 
# [[Unsafe function call from a signal handler]]
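Review bot: "Template:Vulnerability" is carried through this hunk as an unchanged entry and still appears in the resulting list; it is the wiki template page used to build vulnerability articles, not a vulnerability itself, and should be removed from the table of contents along with the other entries this revision prunes.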
Line 411: Line 196:
 
# [[Unsafe Mobile Code: Inner Class]]
 
# [[Unsafe Mobile Code: Inner Class]]
 
# [[Unsafe Mobile Code: Public finalize() Method]]
 
# [[Unsafe Mobile Code: Public finalize() Method]]
# [[Unsafe Privilege]]
 
 
# [[Unsafe Reflection]]
 
# [[Unsafe Reflection]]
 
# [[Unsigned to signed conversion error]]
 
# [[Unsigned to signed conversion error]]
# [[Untrusted Data Appended with Trusted Data]]
 
# [[Unverified Ownership]]
 
# [[URL Encoding (Hex Encoding)]]
 
 
# [[Use of hard-coded password]]
 
# [[Use of hard-coded password]]
# [[Use of Less Trusted Source]]
 
 
# [[Use of Obsolete Methods]]
 
# [[Use of Obsolete Methods]]
 
# [[Use of sizeof() on a pointer type]]
 
# [[Use of sizeof() on a pointer type]]
# [[User interface inconsistency]]
 
# [[User Interface Quality Errors]]
 
# [[User Interface Security Errors]]
 
# [[User management errors]]
 
 
# [[Using a broken or risky cryptographic algorithm]]
 
# [[Using a broken or risky cryptographic algorithm]]
 
# [[Using a key past its expiration date]]
 
# [[Using a key past its expiration date]]
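Review bot: "Use of hard-coded password" is kept as unchanged context in this hunk while "Hard-Coded Password" and "Password Management: Hardcoded Password" are also kept unchanged earlier in this diff; since this revision is already removing redundant entries, consider collapsing these three into a single entry or cross-linking them so the list does not present the same weakness under three names.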
Line 432: Line 208:
 
# [[Using single-factor authentication]]
 
# [[Using single-factor authentication]]
 
# [[Using the wrong operator]]
 
# [[Using the wrong operator]]
# [[Validate-Before-Canonicalize]]
 
# [[Validate-Before-Filter]]
 
 
# [[Validation performed in client]]
 
# [[Validation performed in client]]
# [[Value Delimiter]]
 
# [[Value Problems]]
 
# [[Variable Name Delimiter]]
 
# [[Virtual Files]]
 
# [[Weak credentials]]
 
# [[Weak Encryption]]
 
 
# [[Wrap-around error]]
 
# [[Wrap-around error]]
 
# [[Write-what-where condition]]
 
# [[Write-what-where condition]]
# [[Wrong Data Type]]
 
# [[Wrong Status Code]]
 
  
 
Back to [[ASDR_Table_of_Contents|TOC]]
 
Back to [[ASDR_Table_of_Contents|TOC]]
  
 
[[Category:OWASP ASDR Project]]
 
[[Category:OWASP ASDR Project]]

Revision as of 10:24, 31 January 2009

Back to TOC

  1. Access control enforced by presentation layer
  2. Accidental leaking of sensitive information through data queries
  3. Accidental leaking of sensitive information through error messages
  4. Accidental leaking of sensitive information through sent data
  5. Addition of data-structure sentinel
  6. Allowing password aging
  7. ASP.NET Misconfiguration: Creating Debug Binary
  8. ASP.NET Misconfiguration: Missing Custom Error Handling
  9. ASP.NET Misconfiguration: Password in Configuration File
  10. Assigning instead of comparing
  11. Authentication Bypass via Assumed-Immutable Data
  12. Behavioral problems
  13. Buffer Overflow
  14. Buffer underwrite
  15. Capture-replay
  16. Catch NullPointerException
  17. Code Correctness: Call to System.gc()
  18. Code Correctness: Call to Thread.run()
  19. Code Correctness: Class Does Not Implement Cloneable
  20. Code Correctness: Double-Checked Locking
  21. Code Correctness: Erroneous finalize() Method
  22. Code Correctness: Erroneous String Compare
  23. Code Correctness: Misspelled Method Name
  24. Code Correctness: null Argument to equals()
  25. Comparing classes by name
  26. Comparing instead of assigning
  27. Comprehensive list of Threats to Authentication Procedures and Data
  28. Covert timing channel
  29. CRLF Injection
  30. Cross Site Scripting Flaw
  31. Dangerous Function
  32. Dead Code: Broken Override
  33. Dead Code: Expression is Always False
  34. Dead Code: Expression is Always True
  35. Dead Code: Unused Field
  36. Dead Code: Unused Method
  37. Deletion of data-structure sentinel
  38. Deserialization of untrusted data
  39. Directory Restriction Error
  40. Double Free
  41. Doubly freeing memory
  42. Duplicate key in associative list (alist)
  43. EJB Bad Practices: Use of AWT/Swing
  44. EJB Bad Practices: Use of Class Loader
  45. EJB Bad Practices: Use of java.io
  46. EJB Bad Practices: Use of Sockets
  47. EJB Bad Practices: Use of Synchronization Primitives
  48. Empty Catch Block
  49. Empty String Password
  50. Extra Special Element
  51. Failure of true random number generator
  52. Failure to account for default case in switch
  53. Failure to add integrity check value
  54. Failure to check for certificate revocation
  55. Failure to check integrity check value
  56. Failure to check whether privileges were dropped successfully
  57. Failure to deallocate data
  58. Failure to drop privileges when reasonable
  59. Failure to encrypt data
  60. Failure to follow chain of trust in certificate validation
  61. Failure to protect stored data from modification
  62. Failure to provide confidentiality for stored data
  63. Failure to validate certificate expiration
  64. Failure to validate host-specific certificate data
  65. File Access Race Condition: TOCTOU
  66. Format String
  67. Guessed or visible temporary file
  68. Hard-Coded Password
  69. Heap Inspection
  70. Heap overflow
  71. Ignored function return value
  72. Illegal Pointer Value
  73. Improper cleanup on thrown exception
  74. Improper error handling
  75. Improper string length checking
  76. Improper temp file opening
  77. Incorrect block delimitation
  78. Information leak through class cloning
  79. Information leak through serialization
  80. Injection problem
  81. Insecure Compiler Optimization
  82. Insecure Randomness
  83. Insecure Temporary File
  84. Insecure Third Party Domain Access
  85. Insufficient Entropy
  86. Insufficient entropy in pseudo-random number generator
  87. Integer coercion error
  88. Integer overflow
  89. Invoking untrusted mobile code
  90. J2EE Bad Practices: getConnection()
  91. J2EE Bad Practices: JSP Expressions
  92. J2EE Bad Practices: Sockets
  93. J2EE Bad Practices: System.exit()
  94. J2EE Misconfiguration: Insecure Transport
  95. J2EE Misconfiguration: Insufficient Session-ID Length
  96. J2EE Misconfiguration: Missing Error Handling
  97. J2EE Misconfiguration: Unsafe Bean Declaration
  98. J2EE Misconfiguration: Weak Access Permissions
  99. Key exchange without entity authentication
  100. Least Privilege Violation
  101. Leftover Debug Code
  102. Log Forging
  103. Log injection
  104. Member Field Race Condition
  105. Memory leak
  106. Miscalculated null termination
  107. Misinterpreted function return value
  108. Missing parameter
  109. Missing XML Validation
  110. Mutable object returned
  111. Non-cryptographic pseudo-random number generator
  112. Not allowing password aging
  113. Not using a random initialization vector with cipher block chaining mode
  114. Null Dereference
  115. Object Model Violation: Just One of equals() and hashCode() Defined
  116. Often Misused: Authentication
  117. Often Misused: Exception Handling
  118. Often Misused: File System
  119. Often Misused: Privilege Management
  120. Often Misused: String Management
  121. Omitted break statement
  122. Open forward
  123. Open redirect
  124. Overflow of static internal buffer
  125. Overly-Broad Catch Block
  126. Overly-Broad Throws Declaration
  127. Passing mutable objects to an untrusted method
  128. Password Management: Hardcoded Password
  129. Password Management: Weak Cryptography
  130. Password Plaintext Storage
  131. PHP File Inclusion
  132. Poor Logging Practice: Logger Not Declared Static Final
  133. Poor Logging Practice: Multiple Loggers
  134. Poor Logging Practice: Use of a System Output Stream
  135. Poor Style: Confusing Naming
  136. Poor Style: Empty Synchronized Block
  137. Poor Style: Explicit call to finalize()
  138. Poor Style: Identifier Contains Dollar Symbol ($)
  139. Portability Flaw
  140. Privacy Violation
  141. PRNG Seed Error
  142. Process Control
  143. Publicizing of private data when using inner classes
  144. Race condition in checking for certificate revocation
  145. Race condition in signal handler
  146. Race condition in switch
  147. Race condition within a thread
  148. Race Conditions
  149. Reflection attack in an auth protocol
  150. Reflection injection
  151. Relative path library search
  152. Reliance on data layout
  153. Relying on package-level scope
  154. Resource exhaustion
  155. Return Inside Finally Block
  156. Reusing a nonce, key pair in encryption
  157. Sign extension error
  158. Signed to unsigned conversion error
  159. Stack overflow
  160. State synchronization error
  161. Storing passwords in a recoverable format
  162. String Termination Error
  163. Struts: Duplicate Validation Forms
  164. Struts: Erroneous validate() Method
  165. Struts: Form Does Not Extend Validation Class
  166. Struts: Form Field Without Validator
  167. Struts: Plug-in Framework Not In Use
  168. Struts: Unused Validation Form
  169. Struts: Unvalidated Action Form
  170. Struts: Validator Turned Off
  171. Struts: Validator Without Form Field
  172. Symbolic name not mapping to correct object
  173. System Information Leak
  174. System Information Leak: Missing Catch Block
  175. Template:Vulnerability
  176. Truncation error
  177. Trust Boundary Violation
  178. Trust of system event data
  179. Trusting self-reported DNS name
  180. Trusting self-reported IP address
  181. Uncaught exception
  182. Unchecked array indexing
  183. Unchecked Return Value: Missing Check against Null
  184. Undefined Behavior
  185. Uninitialized Variable
  186. Unintentional pointer scaling
  187. Unreleased Resource
  188. Unrestricted File Upload
  189. Unsafe function call from a signal handler
  190. Unsafe JNI
  191. Unsafe Mobile Code: Access Violation
  192. Unsafe Mobile Code: Dangerous Array Declaration
  193. Unsafe Mobile Code: Dangerous Public Field
  194. Unsafe Mobile Code: Inner Class
  195. Unsafe Mobile Code: Public finalize() Method
  196. Unsafe Reflection
  197. Unsigned to signed conversion error
  198. Use of hard-coded password
  199. Use of Obsolete Methods
  200. Use of sizeof() on a pointer type
  201. Using a broken or risky cryptographic algorithm
  202. Using a key past its expiration date
  203. Using freed memory
  204. Using password systems
  205. Using referer field for authentication or authorization
  206. Using single-factor authentication
  207. Using the wrong operator
  208. Validation performed in client
  209. Wrap-around error
  210. Write-what-where condition

Back to TOC