Difference between revisions of "ASDR TOC Vulnerabilities"

From OWASP
Line 12 (diff context; the Capture-replay, Catch NullPointerException, Comparing classes by name and Comparing instead of assigning entries are unchanged on both sides, while the Code Correctness entries appear in only one of the two revisions):

#[[Capture-replay]]
# [[Catch NullPointerException]]
# [[Code Correctness: Call to System.gc()]]
# [[Code Correctness: Call to Thread.run()]]
# [[Code Correctness: Class Does Not Implement Cloneable]]
# [[Code Correctness: Double-Checked Locking]]
# [[Code Correctness: Erroneous finalize() Method]]
# [[Code Correctness: Erroneous String Compare]]
# [[Code Correctness: Misspelled Method Name]]
# [[Code Correctness: null Argument to equals()]]
# [[Comparing classes by name]]
# [[Comparing instead of assigning]]

Revision as of 06:29, 11 February 2009

Back to TOC

  1. Access control enforced by presentation layer
  2. Addition of data-structure sentinel
  3. Allowing password aging
  4. ASP.NET Misconfigurations
  5. Assigning instead of comparing
  6. Authentication Bypass via Assumed-Immutable Data
  7. Behavioral problems
  8. Buffer Overflow
  9. Buffer underwrite
  10. Capture-replay
  11. Catch NullPointerException
  12. Comparing classes by name
  13. Comparing instead of assigning
  14. Comprehensive list of Threats to Authentication Procedures and Data
  15. Covert timing channel
  16. CRLF Injection
  17. Cross Site Scripting Flaw
  18. Dangerous Function
  19. Dead Code: Broken Override
  20. Dead Code: Expression is Always False
  21. Dead Code: Expression is Always True
  22. Dead Code: Unused Field
  23. Dead Code: Unused Method
  24. Deletion of data-structure sentinel
  25. Deserialization of untrusted data
  26. Directory Restriction Error
  27. Double Free
  28. Doubly freeing memory
  29. Duplicate key in associative list (alist)
  30. EJB Bad Practices: Use of AWT/Swing
  31. EJB Bad Practices: Use of Class Loader
  32. EJB Bad Practices: Use of java.io
  33. EJB Bad Practices: Use of Sockets
  34. EJB Bad Practices: Use of Synchronization Primitives
  35. Empty Catch Block
  36. Empty String Password
  37. Failure of true random number generator
  38. Failure to account for default case in switch
  39. Failure to add integrity check value
  40. Failure to check for certificate revocation
  41. Failure to check integrity check value
  42. Failure to check whether privileges were dropped successfully
  43. Failure to deallocate data
  44. Failure to drop privileges when reasonable
  45. Failure to encrypt data
  46. Failure to follow guideline/specification
  47. Failure to follow chain of trust in certificate validation
  48. Failure to protect stored data from modification
  49. Failure to provide confidentiality for stored data
  50. Failure to validate certificate expiration
  51. Failure to validate host-specific certificate data
  52. File Access Race Condition: TOCTOU
  53. Format String
  54. Guessed or visible temporary file
  55. Hard-Coded Password
  56. Heap Inspection
  57. Heap overflow
  58. Ignored function return value
  59. Illegal Pointer Value
  60. Improper cleanup on thrown exception
  61. Improper error handling
  62. Improper string length checking
  63. Improper temp file opening
  64. Incorrect block delimitation
  65. Information Leakage
  66. Injection problem
  67. Insecure Compiler Optimization
  68. Insecure Randomness
  69. Insecure Temporary File
  70. Insecure Third Party Domain Access
  71. Insufficient Entropy
  72. Insufficient entropy in pseudo-random number generator
  73. Integer coercion error
  74. Integer overflow
  75. Invoking untrusted mobile code
  76. J2EE Bad Practices: getConnection()
  77. J2EE Bad Practices: JSP Expressions
  78. J2EE Bad Practices: Sockets
  79. J2EE Bad Practices: System.exit()
  80. J2EE Misconfiguration: Insecure Transport
  81. J2EE Misconfiguration: Insufficient Session-ID Length
  82. J2EE Misconfiguration: Missing Error Handling
  83. J2EE Misconfiguration: Unsafe Bean Declaration
  84. J2EE Misconfiguration: Weak Access Permissions
  85. Key exchange without entity authentication
  86. Least Privilege Violation
  87. Leftover Debug Code
  88. Log Forging
  89. Log injection
  90. Member Field Race Condition
  91. Memory leak
  92. Miscalculated null termination
  93. Misinterpreted function return value
  94. Missing parameter
  95. Missing XML Validation
  96. Mutable object returned
  97. Non-cryptographic pseudo-random number generator
  98. Not allowing password aging
  99. Not using a random initialization vector with cipher block chaining mode
  100. Null Dereference
  101. Object Model Violation: Just One of equals() and hashCode() Defined
  102. Often Misused: Authentication
  103. Often Misused: Exception Handling
  104. Often Misused: File System
  105. Often Misused: Privilege Management
  106. Often Misused: String Management
  107. Omitted break statement
  108. Open forward
  109. Open redirect
  110. Overflow of static internal buffer
  111. Overly-Broad Catch Block
  112. Overly-Broad Throws Declaration
  113. Passing mutable objects to an untrusted method
  114. Password Management: Hardcoded Password
  115. Password Management: Weak Cryptography
  116. Password Plaintext Storage
  117. PHP File Inclusion
  118. Poor Logging Practice: Logger Not Declared Static Final
  119. Poor Logging Practice: Multiple Loggers
  120. Poor Logging Practice: Use of a System Output Stream
  121. Poor Style: Confusing Naming
  122. Poor Style: Empty Synchronized Block
  123. Poor Style: Explicit call to finalize()
  124. Poor Style: Identifier Contains Dollar Symbol ($)
  125. Portability Flaw
  126. Privacy Violation
  127. PRNG Seed Error
  128. Process Control
  129. Publicizing of private data when using inner classes
  130. Race condition in checking for certificate revocation
  131. Race condition in signal handler
  132. Race condition in switch
  133. Race condition within a thread
  134. Race Conditions
  135. Reflection attack in an auth protocol
  136. Reflection injection
  137. Relative path library search
  138. Reliance on data layout
  139. Relying on package-level scope
  140. Resource exhaustion
  141. Return Inside Finally Block
  142. Reusing a nonce, key pair in encryption
  143. Sign extension error
  144. Signed to unsigned conversion error
  145. Stack overflow
  146. State synchronization error
  147. Storing passwords in a recoverable format
  148. String Termination Error
  149. Struts: Duplicate Validation Forms
  150. Struts: Erroneous validate() Method
  151. Struts: Form Does Not Extend Validation Class
  152. Struts: Form Field Without Validator
  153. Struts: Plug-in Framework Not In Use
  154. Struts: Unused Validation Form
  155. Struts: Unvalidated Action Form
  156. Struts: Validator Turned Off
  157. Struts: Validator Without Form Field
  158. Symbolic name not mapping to correct object
  159. Truncation error
  160. Trust Boundary Violation
  161. Trust of system event data
  162. Trusting self-reported DNS name
  163. Trusting self-reported IP address
  164. Uncaught exception
  165. Unchecked array indexing
  166. Unchecked Return Value: Missing Check against Null
  167. Undefined Behavior
  168. Uninitialized Variable
  169. Unintentional pointer scaling
  170. Unreleased Resource
  171. Unrestricted File Upload
  172. Unsafe function call from a signal handler
  173. Unsafe JNI
  174. Unsafe Mobile Code: Access Violation
  175. Unsafe Mobile Code: Dangerous Array Declaration
  176. Unsafe Mobile Code: Dangerous Public Field
  177. Unsafe Mobile Code: Inner Class
  178. Unsafe Mobile Code: Public finalize() Method
  179. Unsafe Reflection
  180. Unsigned to signed conversion error
  181. Use of hard-coded password
  182. Use of Obsolete Methods
  183. Use of sizeof() on a pointer type
  184. Using a broken or risky cryptographic algorithm
  185. Using a key past its expiration date
  186. Using freed memory
  187. Using password systems
  188. Using referer field for authentication or authorization
  189. Using single-factor authentication
  190. Using the wrong operator
  191. Validation performed in client
  192. Wrap-around error
  193. Write-what-where condition
