ASDR TOC Vulnerabilities

From OWASP
Revision as of 15:23, 28 January 2009 by KirstenS (Talk | contribs)



This page was marked to be reviewed for deletion.


Back to TOC

  1. Access control enforced by presentation layer
  2. Accidental leaking of sensitive information through data queries
  3. Accidental leaking of sensitive information through error messages
  4. Accidental leaking of sensitive information through sent data
  5. Addition of data-structure sentinel
  6. Allowing External Setting Manipulation
  7. Allowing password aging
  8. Alternate Channel Race Condition
  9. Alternate Encoding
  10. ASP.NET Misconfiguration: Creating Debug Binary
  11. ASP.NET Misconfiguration: Missing Custom Error Handling
  12. ASP.NET Misconfiguration: Password in Configuration File
  13. Assigning instead of comparing
  14. Authentication bypass by alternate name
  15. Authentication Bypass by Alternate Path/Channel
  16. Authentication Bypass by Primary Weakness
  17. Authentication bypass by spoofing
  18. Authentication Bypass via Assumed-Immutable Data
  19. Authentication Error
  20. Authentication Logic Error
  21. Behavioral Change
  22. Behavioral Discrepancy Infoleak
  23. Behavioral problems
  24. Buffer Overflow
  25. Buffer over-read
  26. Buffer under-read
  27. Buffer underwrite
  28. Bundling Issues
  29. Byte/Object Code
  30. Capture-replay
  31. Case Sensitivity (lowercase, uppercase, mixed case)
  32. Catch NullPointerException
  33. Channel and Path Errors
  34. Cleansing, Canonicalization, and Comparison Errors
  35. Code Correctness: Call to System.gc()
  36. Code Correctness: Call to Thread.run()
  37. Code Correctness: Class Does Not Implement Cloneable
  38. Code Correctness: Double-Checked Locking
  39. Code Correctness: Erroneous finalize() Method
  40. Code Correctness: Erroneous String Compare
  41. Code Correctness: Misspelled Method Name
  42. Code Correctness: null Argument to equals()
  43. Collapse of Data into Unsafe Value
  44. Common Special Element Manipulations
  45. Comparing classes by name
  46. Comparing instead of assigning
  47. Comprehensive list of Threats to Authentication Procedures and Data
  48. Context Switching Race Condition
  49. Covert timing channel
  50. CRLF Injection
  51. Cross Site Scripting Flaw
  52. Cross-Boundary Cleansing Infoleak
  53. Dangerous Function
  54. Dangerous handler not cleared/disabled during sensitive operations
  55. Data Amplification
  56. Data Leaking Between Users
  57. Data Structure Issues
  58. Dead Code: Broken Override
  59. Dead Code: Expression is Always False
  60. Dead Code: Expression is Always True
  61. Dead Code: Unused Field
  62. Dead Code: Unused Method
  63. Deletion of data-structure sentinel
  64. Delimiter between Expressions or Commands
  65. Delimiter Problems
  66. Deserialization of untrusted data
  67. Directory Restriction Error
  68. Discrepancy Information Leaks
  69. Double Free
  70. Doubled character XSS manipulations
  71. Doubly freeing memory
  72. Duplicate key in associative list (alist)
  73. Early Amplification
  74. EJB Bad Practices: Use of AWT/Swing
  75. EJB Bad Practices: Use of Class Loader
  76. EJB Bad Practices: Use of java.io
  77. EJB Bad Practices: Use of Sockets
  78. EJB Bad Practices: Use of Synchronization Primitives
  79. Empty Catch Block
  80. Empty String Password
  81. Error Conditions, Return Values, Status Codes
  82. Error Message Infoleaks
  83. Escape, Meta, or Control Character / Sequence
  84. Expected behavior violation
  85. External behavioral inconsistency infoleak
  86. External initialization of trusted variables or values
  87. Extra Parameter Error
  88. Extra Special Element
  89. Extra Unhandled Features
  90. Extra Value Error
  91. Fails poorly due to insufficient permissions
  92. Failure of true random number generator
  93. Failure to account for default case in switch
  94. Failure to add integrity check value
  95. Failure to check for certificate revocation
  96. Failure to check integrity check value
  97. Failure to check whether privileges were dropped successfully
  98. Failure to deallocate data
  99. Failure to drop privileges when reasonable
  100. Failure to encrypt data
  101. Failure to follow chain of trust in certificate validation
  102. Failure to protect stored data from modification
  103. Failure to provide confidentiality for stored data
  104. Failure to validate certificate expiration
  105. Failure to validate host-specific certificate data
  106. File Access Race Condition: TOCTOU
  107. Format String
  108. General Special Element Problems
  109. Grouping Element / Paired Delimiter
  110. Guessed or visible temporary file
  111. Hard-Coded Password
  112. Heap Inspection
  113. Heap overflow
  114. Ignored function return value
  115. Illegal Pointer Value
  116. Improper cleanup on thrown exception
  117. Improper error handling
  118. Improper Handler Deployment
  119. Improper Null Termination
  120. Improper resource shutdown or release
  121. Improper string length checking
  122. Improper temp file opening
  123. Improperly Implemented Security Check for Standard
  124. Improperly Trusted Reverse DNS
  125. Improperly Verified Signature
  126. Incomplete Blacklist
  127. Incomplete Cleanup
  128. Incomplete Element
  129. Incomplete Internal State Distinction
  130. Inconsistent Implementations
  131. Inconsistent Special Elements
  132. Incorrect block delimitation
  133. Incorrect initialization
  134. Incorrect Privilege Assignment
  135. Infoleak Using Debug Information
  136. Information Leak (information disclosure)
  137. Information leak through class cloning
  138. Information leak through serialization
  139. Information loss or omission
  140. Initialization and Cleanup Errors
  141. Injection problem
  142. Input Terminator
  143. Insecure Compiler Optimization
  144. Insecure Default Permissions
  145. Insecure default variable initialization
  146. Insecure execution-assigned permissions
  147. Insecure inherited permissions
  148. Insecure preserved inherited permissions
  149. Insecure Randomness
  150. Insecure Temporary File
  151. Insecure Third Party Domain Access
  152. Installation Issues
  153. Insufficient Entropy
  154. Insufficient entropy in pseudo-random number generator
  155. Insufficient privileges
  156. Insufficient Resource Locking
  157. Insufficient Resource Pool
  158. Insufficient Type Distinction
  159. Insufficient UI warning of dangerous operations
  160. Insufficient Verification of Data
  161. Integer coercion error
  162. Integer overflow
  163. Intended information leak
  164. Interaction Errors
  165. Internal behavioral inconsistency infoleak
  166. Internal Special Element
  167. Invalid Characters in Identifiers
  168. Invoking untrusted mobile code
  169. J2EE Bad Practices: getConnection()
  170. J2EE Bad Practices: JSP Expressions
  171. J2EE Bad Practices: Sockets
  172. J2EE Bad Practices: System.exit()
  173. J2EE Bad Practices: Threads
  174. J2EE Misconfiguration: Insecure Transport
  175. J2EE Misconfiguration: Insufficient Session-ID Length
  176. J2EE Misconfiguration: Missing Error Handling
  177. J2EE Misconfiguration: Unsafe Bean Declaration
  178. J2EE Misconfiguration: Weak Access Permissions
  179. J2EE Time and State Issues
  180. Key exchange without entity authentication
  181. Key management errors
  182. Leading Special Element
  183. Least Privilege Violation
  184. Leftover Debug Code
  185. Length Parameter Inconsistency
  186. Line Delimiter
  187. Log Forging
  188. Log injection
  189. Mac virtual file problems
  190. Macro symbol
  191. Member Field Race Condition
  192. Memory leak
  193. Miscalculated null termination
  194. Misinterpretation error
  195. Misinterpreted function return value
  196. Missing access control
  197. Missing critical step in authentication
  198. Missing element error
  199. Missing error status code
  200. Missing handler
  201. Missing initialization
  202. Missing lock check
  203. Missing parameter
  204. Missing required cryptographic step
  205. Missing special element
  206. Missing value error
  207. Missing XML Validation
  208. Mixed encoding
  209. Modification of assumed-immutable data
  210. Multiple failed authentication attempts not prevented
  211. Multiple internal special element
  212. Multiple interpretation error (MIE)
  213. Multiple interpretations of UI input
  214. Multiple Leading Special Elements
  215. Multiple Trailing Special Elements
  216. Mutable object returned
  217. Mutable objects passed by reference
  218. No authentication for critical function
  219. Non-cryptographic pseudo-random number generator
  220. Non-exit on failed initialization
  221. Non-replicating
  222. Not allowing password aging
  223. Not using a random initialization vector with cipher block chaining mode
  224. Null character / null byte
  225. Null Dereference
  226. Numeric Byte Ordering Error
  227. Numeric Errors
  228. Object Model Violation: Just One of equals() and hashCode() Defined
  229. Obscured Security-relevant Information by Alternate Name
  230. Obsolete feature in UI
  231. Off-by-one Error
  232. Often Misused: Authentication
  233. Often Misused: Exception Handling
  234. Often Misused: File System
  235. Often Misused: Path Manipulation
  236. Often Misused: Privilege Management
  237. Often Misused: String Management
  238. Omission of Security-relevant Information
  239. Omitted break statement
  240. Open forward
  241. Open redirect
  242. Origin Validation Error
  243. Other length calculation error
  244. Out-of-bounds Read
  245. Overflow of static internal buffer
  246. Overly Restrictive Regular Expression
  247. Overly-Broad Catch Block
  248. Overly-Broad Throws Declaration
  249. Ownership errors
  250. Parameter Problems
  251. Partial Comparison
  252. Passing mutable objects to an untrusted method
  253. Password Management: Hardcoded Password
  254. Password Management: Weak Cryptography
  255. Password Plaintext Storage
  256. Patch Issues
  257. Path Equivalence
  258. Path Issue - asterisk wildcard - filedir*
  259. Path Issue - backslash absolute path - /absolute/pathname/here
  260. Path Issue - directory doubled dot dot backslash
  261. Path Issue - directory doubled dot dot slash
  262. Path Issue - dirname/fakechild/
  263. Path Issue - dot dot backslash
  264. Path Issue - doubled dot dot slash
  265. Path Issue - doubled triple dot slash
  266. Path Issue - drive letter or Windows volume - 'C:dirname'
  267. Path Issue - internal dot - 'file.ordir'
  268. Path Issue - internal space - file(SPACE)name
  269. Path Issue - leading directory dot dot backslash
  270. Path Issue - leading directory dot dot slash
  271. Path Issue - leading dot dot backslash
  272. Path Issue - leading dot dot slash
  273. Path Issue - leading space
  274. Path Issue - multiple dot
  275. Path Issue - multiple internal backslash
  276. Path Issue - multiple leading slash
  277. Path Issue - multiple trailing dot
  278. Path Issue - multiple trailing slash
  279. Path Issue - single dot directory
  280. Path Issue - slash absolute path
  281. Path Issue - trailing backslash
  282. Path Issue - trailing dot
  283. Path Issue - trailing slash
  284. Path Issue - trailing space
  285. Path Issue - triple dot
  286. Path Issue - Windows 8.3 Filename
  287. Path Issue - Windows UNC share - '/UNC/share/name/'
  288. Pathname Traversal and Equivalence Errors
  289. Permission errors
  290. Permission preservation failure
  291. Permissions, Privileges, and ACLs
  292. Permissive Whitelist
  293. PHP External Variable Modification
  294. PHP File Inclusion
  295. Plaintext Storage in Cookie
  296. Plaintext Storage in Executable
  297. Plaintext Storage in File or on Disk
  298. Plaintext Storage in GUI
  299. Plaintext Storage in Memory
  300. Plaintext Storage of Sensitive Information
  301. Pointer Issues
  302. Poor Logging Practice: Logger Not Declared Static Final
  303. Poor Logging Practice: Multiple Loggers
  304. Poor Logging Practice: Use of a System Output Stream
  305. Poor Style: Confusing Naming
  306. Poor Style: Empty Synchronized Block
  307. Poor Style: Explicit call to finalize()
  308. Poor Style: Identifier Contains Dollar Symbol ($)
  309. Portability Flaw
  310. Porting Issues
  311. Predictability problems
  312. Predictable Exact Value from Previous Values
  313. Predictable from Observable State
  314. Predictable Seed in PRNG
  315. Predictable Value Range from Previous Values
  316. Privacy Violation
  317. Private Array-Typed Field Returned From A Public Method
  318. Privilege / sandbox errors
  319. Privilege Chaining
  320. Privilege Context Switching Error
  321. Privilege Dropping / Lowering Errors
  322. Privilege Management Error
  323. PRNG Seed Error
  324. Process Control
  325. Process information infoleak to other processes
  326. Product UI does not warn user of unsafe actions
  327. Product-External Error Message Infoleak
  328. Product-Generated Error Message Infoleak
  329. Proxied Trusted Channel
  330. Public Data Assigned to Private Array-Typed Field
  331. Publicizing of private data when using inner classes
  332. Quoting Element
  333. Race condition enabling link following
  334. Race condition in checking for certificate revocation
  335. Race condition in signal handler
  336. Race condition in switch
  337. Race condition within a thread
  338. Race Conditions
  339. Randomness and Predictability
  340. Record Delimiter
  341. Reflection attack in an auth protocol
  342. Reflection injection
  343. Regular Expression Error
  344. Relative path library search
  345. Reliance on data layout
  346. Relying on package-level scope
  347. Representation Errors
  348. Requirements Issues
  349. Resource exhaustion
  350. Resource leaks
  351. Resource Locking problems
  352. Resource Management Errors
  353. Response discrepancy infoleak
  354. Return Inside Finally Block
  355. Reusing a nonce, key pair in encryption
  356. Reversible One-Way Hash
  357. Same Seed in PRNG
  358. Section Delimiter
  359. Sensitive Data Under FTP Root
  360. Sensitive Data Under Web Root
  361. Sensitive Information Uncleared Before Use
  362. Session Fixation
  363. Sign extension error
  364. Signal Errors
  365. Signed to unsigned conversion error
  366. Small Seed Space in PRNG
  367. Small Space of Random Values
  368. Stack overflow
  369. State synchronization error
  370. Static Value in Unpredictable Context
  371. Storing passwords in a recoverable format
  372. String Termination Error
  373. Struts: Duplicate Validation Forms
  374. Struts: Erroneous validate() Method
  375. Struts: Form Bean Does Not Extend Validation Class
  376. Struts: Form Does Not Extend Validation Class
  377. Struts: Form Field Without Validator
  378. Struts: Plug-in Framework Not In Use
  379. Struts: Unused Validation Form
  380. Struts: Unvalidated Action Form
  381. Struts: Validator Turned Off
  382. Struts: Validator Without Form Field
  383. Substitution Character
  384. Symbolic name not mapping to correct object
  385. System Configuration Issues
  386. System Information Leak
  387. System Information Leak: Missing Catch Block
  388. System Operations Issues
  389. Technology-specific Environment Issues
  390. Technology-Specific Input Validation Problems
  391. Technology-Specific Special Elements
  392. Technology-Specific Time and State Issues
  393. Template:Vulnerability
  394. Temporary File Issues
  395. Testing Issues
  396. The UI performs the wrong action
  397. Time and State
  398. Time of check, time of use race condition
  399. Time of Introduction
  400. Time-of-check Time-of-use race condition
  401. Timing discrepancy infoleak
  402. Trailing Special Element
  403. Trapdoor
  404. Truncation error
  405. Truncation of Security-relevant Information
  406. Trust Boundary Violation
  407. Trust of system event data
  408. Trusting self-reported DNS name
  409. Trusting self-reported IP address
  410. UI Misrepresentation of Critical Information
  411. Uncaught exception
  412. Unchecked array indexing
  413. Unchecked Return Value: Missing Check against Null
  414. Uncontrolled Search Path Element
  415. Undefined Behavior
  416. Undefined Parameter Error
  417. Undefined Value Error
  418. Unexpected Status Code or Return Value
  419. Unimplemented or unsupported feature in UI
  420. Uninitialized Variable
  421. Unintended proxy/intermediary
  422. Unintentional pointer scaling
  423. UNIX file descriptor leak
  424. UNIX hard link
  425. UNIX Path Link problems
  426. UNIX symbolic link (symlink) following
  427. Unparsed Raw Web Content Delivery
  428. Unprotected Alternate Channel
  429. Unprotected Primary Channel
  430. Unquoted Search Path or Element
  431. Unreleased Resource
  432. Unrestricted Critical Resource Lock
  433. Unrestricted File Upload
  434. Unsafe function call from a signal handler
  435. Unsafe JNI
  436. Unsafe Mobile Code: Access Violation
  437. Unsafe Mobile Code: Dangerous Array Declaration
  438. Unsafe Mobile Code: Dangerous Public Field
  439. Unsafe Mobile Code: Inner Class
  440. Unsafe Mobile Code: Public finalize() Method
  441. Unsafe Privilege
  442. Unsafe Reflection
  443. Unsigned to signed conversion error
  444. Untrusted Data Appended with Trusted Data
  445. Unverified Ownership
  446. URL Encoding (Hex Encoding)
  447. Use of hard-coded password
  448. Use of Less Trusted Source
  449. Use of Obsolete Methods
  450. Use of sizeof() on a pointer type
  451. User interface inconsistency
  452. User Interface Quality Errors
  453. User Interface Security Errors
  454. User management errors
  455. Using a broken or risky cryptographic algorithm
  456. Using a key past its expiration date
  457. Using freed memory
  458. Using password systems
  459. Using referer field for authentication or authorization
  460. Using single-factor authentication
  461. Using the wrong operator
  462. Validate-Before-Canonicalize
  463. Validate-Before-Filter
  464. Validation performed in client
  465. Value Delimiter
  466. Value Problems
  467. Variable Name Delimiter
  468. Virtual Files
  469. Weak credentials
  470. Weak Encryption
  471. Wrap-around error
  472. Write-what-where condition
  473. Wrong Data Type
  474. Wrong Status Code
