ASDR TOC Vulnerabilities

From OWASP
Revision as of 15:25, 28 January 2009 by KirstenS (Talk | contribs)

This page was marked to be reviewed for deletion.


  1. Access control enforced by presentation layer
  2. Accidental leaking of sensitive information through data queries
  3. Accidental leaking of sensitive information through error messages
  4. Accidental leaking of sensitive information through sent data
  5. Addition of data-structure sentinel
  6. Allowing password aging
  7. ASP.NET Misconfiguration: Creating Debug Binary
  8. ASP.NET Misconfiguration: Missing Custom Error Handling
  9. ASP.NET Misconfiguration: Password in Configuration File
  10. Assigning instead of comparing
  11. Authentication Bypass by Alternate Path/Channel
  12. Authentication Bypass by Primary Weakness
  13. Authentication Bypass via Assumed-Immutable Data
  14. Behavioral Change
  15. Behavioral Discrepancy Infoleak
  16. Behavioral problems
  17. Buffer Overflow
  18. Buffer over-read
  19. Buffer under-read
  20. Buffer underwrite
  21. Bundling Issues
  22. Byte/Object Code
  23. Capture-replay
  24. Case Sensitivity (lowercase, uppercase, mixed case)
  25. Catch NullPointerException
  26. Channel and Path Errors
  27. Cleansing, Canonicalization, and Comparison Errors
  28. Code Correctness: Call to System.gc()
  29. Code Correctness: Call to Thread.run()
  30. Code Correctness: Class Does Not Implement Cloneable
  31. Code Correctness: Double-Checked Locking
  32. Code Correctness: Erroneous finalize() Method
  33. Code Correctness: Erroneous String Compare
  34. Code Correctness: Misspelled Method Name
  35. Code Correctness: null Argument to equals()
  36. Collapse of Data into Unsafe Value
  37. Common Special Element Manipulations
  38. Comparing classes by name
  39. Comparing instead of assigning
  40. Comprehensive list of Threats to Authentication Procedures and Data
  41. Context Switching Race Condition
  42. Covert timing channel
  43. CRLF Injection
  44. Cross Site Scripting Flaw
  45. Cross-Boundary Cleansing Infoleak
  46. Dangerous Function
  47. Dangerous handler not cleared/disabled during sensitive operations
  48. Data Amplification
  49. Data Leaking Between Users
  50. Data Structure Issues
  51. Dead Code: Broken Override
  52. Dead Code: Expression is Always False
  53. Dead Code: Expression is Always True
  54. Dead Code: Unused Field
  55. Dead Code: Unused Method
  56. Deletion of data-structure sentinel
  57. Delimiter between Expressions or Commands
  58. Delimiter Problems
  59. Deserialization of untrusted data
  60. Directory Restriction Error
  61. Discrepancy Information Leaks
  62. Double Free
  63. Doubled character XSS manipulations
  64. Doubly freeing memory
  65. Duplicate key in associative list (alist)
  66. Early Amplification
  67. EJB Bad Practices: Use of AWT/Swing
  68. EJB Bad Practices: Use of Class Loader
  69. EJB Bad Practices: Use of java.io
  70. EJB Bad Practices: Use of Sockets
  71. EJB Bad Practices: Use of Synchronization Primitives
  72. Empty Catch Block
  73. Empty String Password
  74. Error Conditions, Return Values, Status Codes
  75. Error Message Infoleaks
  76. Escape, Meta, or Control Character / Sequence
  77. Expected behavior violation
  78. External behavioral inconsistency infoleak
  79. External initialization of trusted variables or values
  80. Extra Parameter Error
  81. Extra Special Element
  82. Extra Unhandled Features
  83. Extra Value Error
  84. Fails poorly due to insufficient permissions
  85. Failure of true random number generator
  86. Failure to account for default case in switch
  87. Failure to add integrity check value
  88. Failure to check for certificate revocation
  89. Failure to check integrity check value
  90. Failure to check whether privileges were dropped successfully
  91. Failure to deallocate data
  92. Failure to drop privileges when reasonable
  93. Failure to encrypt data
  94. Failure to follow chain of trust in certificate validation
  95. Failure to protect stored data from modification
  96. Failure to provide confidentiality for stored data
  97. Failure to validate certificate expiration
  98. Failure to validate host-specific certificate data
  99. File Access Race Condition: TOCTOU
  100. Format String
  101. General Special Element Problems
  102. Grouping Element / Paired Delimiter
  103. Guessed or visible temporary file
  104. Hard-Coded Password
  105. Heap Inspection
  106. Heap overflow
  107. Ignored function return value
  108. Illegal Pointer Value
  109. Improper cleanup on thrown exception
  110. Improper error handling
  111. Improper Handler Deployment
  112. Improper Null Termination
  113. Improper resource shutdown or release
  114. Improper string length checking
  115. Improper temp file opening
  116. Improperly Implemented Security Check for Standard
  117. Improperly Trusted Reverse DNS
  118. Improperly Verified Signature
  119. Incomplete Blacklist
  120. Incomplete Cleanup
  121. Incomplete Element
  122. Incomplete Internal State Distinction
  123. Inconsistent Implementations
  124. Inconsistent Special Elements
  125. Incorrect block delimitation
  126. Incorrect initialization
  127. Incorrect Privilege Assignment
  128. Infoleak Using Debug Information
  129. Information Leak (information disclosure)
  130. Information leak through class cloning
  131. Information leak through serialization
  132. Information loss or omission
  133. Initialization and Cleanup Errors
  134. Injection problem
  135. Input Terminator
  136. Insecure Compiler Optimization
  137. Insecure Default Permissions
  138. Insecure default variable initialization
  139. Insecure execution-assigned permissions
  140. Insecure inherited permissions
  141. Insecure preserved inherited permissions
  142. Insecure Randomness
  143. Insecure Temporary File
  144. Insecure Third Party Domain Access
  145. Installation Issues
  146. Insufficient Entropy
  147. Insufficient entropy in pseudo-random number generator
  148. Insufficient privileges
  149. Insufficient Resource Locking
  150. Insufficient Resource Pool
  151. Insufficient Type Distinction
  152. Insufficient UI warning of dangerous operations
  153. Insufficient Verification of Data
  154. Integer coercion error
  155. Integer overflow
  156. Intended information leak
  157. Interaction Errors
  158. Internal behavioral inconsistency infoleak
  159. Internal Special Element
  160. Invalid Characters in Identifiers
  161. Invoking untrusted mobile code
  162. J2EE Bad Practices: getConnection()
  163. J2EE Bad Practices: JSP Expressions
  164. J2EE Bad Practices: Sockets
  165. J2EE Bad Practices: System.exit()
  166. J2EE Bad Practices: Threads
  167. J2EE Misconfiguration: Insecure Transport
  168. J2EE Misconfiguration: Insufficient Session-ID Length
  169. J2EE Misconfiguration: Missing Error Handling
  170. J2EE Misconfiguration: Unsafe Bean Declaration
  171. J2EE Misconfiguration: Weak Access Permissions
  172. J2EE Time and State Issues
  173. Key exchange without entity authentication
  174. Key management errors
  175. Leading Special Element
  176. Least Privilege Violation
  177. Leftover Debug Code
  178. Length Parameter Inconsistency
  179. Line Delimiter
  180. Log Forging
  181. Log injection
  182. Mac virtual file problems
  183. Macro symbol
  184. Member Field Race Condition
  185. Memory leak
  186. Miscalculated null termination
  187. Misinterpretation error
  188. Misinterpreted function return value
  189. Missing access control
  190. Missing critical step in authentication
  191. Missing element error
  192. Missing error status code
  193. Missing handler
  194. Missing initialization
  195. Missing lock check
  196. Missing parameter
  197. Missing required cryptographic step
  198. Missing special element
  199. Missing value error
  200. Missing XML Validation
  201. Mixed encoding
  202. Modification of assumed-immutable data
  203. Multiple failed authentication attempts not prevented
  204. Multiple internal special element
  205. Multiple interpretation error (MIE)
  206. Multiple interpretations of UI input
  207. Multiple Leading Special Elements
  208. Multiple Trailing Special Elements
  209. Mutable object returned
  210. Mutable objects passed by reference
  211. No authentication for critical function
  212. Non-cryptographic pseudo-random number generator
  213. Non-exit on failed initialization
  214. Non-replicating
  215. Not allowing password aging
  216. Not using a random initialization vector with cipher block chaining mode
  217. Null character / null byte
  218. Null Dereference
  219. Numeric Byte Ordering Error
  220. Numeric Errors
  221. Object Model Violation: Just One of equals() and hashCode() Defined
  222. Obscured Security-relevant Information by Alternate Name
  223. Obsolete feature in UI
  224. Off-by-one Error
  225. Often Misused: Authentication
  226. Often Misused: Exception Handling
  227. Often Misused: File System
  228. Often Misused: Path Manipulation
  229. Often Misused: Privilege Management
  230. Often Misused: String Management
  231. Omission of Security-relevant Information
  232. Omitted break statement
  233. Open forward
  234. Open redirect
  235. Origin Validation Error
  236. Other length calculation error
  237. Out-of-bounds Read
  238. Overflow of static internal buffer
  239. Overly Restrictive Regular Expression
  240. Overly-Broad Catch Block
  241. Overly-Broad Throws Declaration
  242. Ownership errors
  243. Parameter Problems
  244. Partial Comparison
  245. Passing mutable objects to an untrusted method
  246. Password Management: Hardcoded Password
  247. Password Management: Weak Cryptography
  248. Password Plaintext Storage
  249. Patch Issues
  250. Path Equivalence
  251. Path Issue - asterisk wildcard - filedir*
  252. Path Issue - backslash absolute path - /absolute/pathname/here
  253. Path Issue - directory doubled dot dot backslash
  254. Path Issue - directory doubled dot dot slash
  255. Path Issue - dirname/fakechild/
  256. Path Issue - dot dot backslash
  257. Path Issue - doubled dot dot slash
  258. Path Issue - doubled triple dot slash
  259. Path Issue - drive letter or Windows volume - 'C:dirname'
  260. Path Issue - internal dot - 'file.ordir'
  261. Path Issue - internal space - file(SPACE)name
  262. Path Issue - leading directory dot dot backslash
  263. Path Issue - leading directory dot dot slash
  264. Path Issue - leading dot dot backslash
  265. Path Issue - leading dot dot slash
  266. Path Issue - leading space
  267. Path Issue - multiple dot
  268. Path Issue - multiple internal backslash
  269. Path Issue - multiple leading slash
  270. Path Issue - multiple trailing dot
  271. Path Issue - multiple trailing slash
  272. Path Issue - single dot directory
  273. Path Issue - slash absolute path
  274. Path Issue - trailing backslash
  275. Path Issue - trailing dot
  276. Path Issue - trailing slash
  277. Path Issue - trailing space
  278. Path Issue - triple dot
  279. Path Issue - Windows 8.3 Filename
  280. Path Issue - Windows UNC share - '/UNC/share/name/'
  281. Pathname Traversal and Equivalence Errors
  282. Permission errors
  283. Permission preservation failure
  284. Permissions, Privileges, and ACLs
  285. Permissive Whitelist
  286. PHP External Variable Modification
  287. PHP File Inclusion
  288. Plaintext Storage in Cookie
  289. Plaintext Storage in Executable
  290. Plaintext Storage in File or on Disk
  291. Plaintext Storage in GUI
  292. Plaintext Storage in Memory
  293. Plaintext Storage of Sensitive Information
  294. Pointer Issues
  295. Poor Logging Practice: Logger Not Declared Static Final
  296. Poor Logging Practice: Multiple Loggers
  297. Poor Logging Practice: Use of a System Output Stream
  298. Poor Style: Confusing Naming
  299. Poor Style: Empty Synchronized Block
  300. Poor Style: Explicit call to finalize()
  301. Poor Style: Identifier Contains Dollar Symbol ($)
  302. Portability Flaw
  303. Porting Issues
  304. Predictability problems
  305. Predictable Exact Value from Previous Values
  306. Predictable from Observable State
  307. Predictable Seed in PRNG
  308. Predictable Value Range from Previous Values
  309. Privacy Violation
  310. Private Array-Typed Field Returned From A Public Method
  311. Privilege / sandbox errors
  312. Privilege Chaining
  313. Privilege Context Switching Error
  314. Privilege Dropping / Lowering Errors
  315. Privilege Management Error
  316. PRNG Seed Error
  317. Process Control
  318. Process information infoleak to other processes
  319. Product UI does not warn user of unsafe actions
  320. Product-External Error Message Infoleak
  321. Product-Generated Error Message Infoleak
  322. Proxied Trusted Channel
  323. Public Data Assigned to Private Array-Typed Field
  324. Publicizing of private data when using inner classes
  325. Quoting Element
  326. Race condition enabling link following
  327. Race condition in checking for certificate revocation
  328. Race condition in signal handler
  329. Race condition in switch
  330. Race condition within a thread
  331. Race Conditions
  332. Randomness and Predictability
  333. Record Delimiter
  334. Reflection attack in an auth protocol
  335. Reflection injection
  336. Regular Expression Error
  337. Relative path library search
  338. Reliance on data layout
  339. Relying on package-level scope
  340. Representation Errors
  341. Requirements Issues
  342. Resource exhaustion
  343. Resource leaks
  344. Resource Locking problems
  345. Resource Management Errors
  346. Response discrepancy infoleak
  347. Return Inside Finally Block
  348. Reusing a nonce, key pair in encryption
  349. Reversible One-Way Hash
  350. Same Seed in PRNG
  351. Section Delimiter
  352. Sensitive Data Under FTP Root
  353. Sensitive Data Under Web Root
  354. Sensitive Information Uncleared Before Use
  355. Session Fixation
  356. Sign extension error
  357. Signal Errors
  358. Signed to unsigned conversion error
  359. Small Seed Space in PRNG
  360. Small Space of Random Values
  361. Stack overflow
  362. State synchronization error
  363. Static Value in Unpredictable Context
  364. Storing passwords in a recoverable format
  365. String Termination Error
  366. Struts: Duplicate Validation Forms
  367. Struts: Erroneous validate() Method
  368. Struts: Form Bean Does Not Extend Validation Class
  369. Struts: Form Does Not Extend Validation Class
  370. Struts: Form Field Without Validator
  371. Struts: Plug-in Framework Not In Use
  372. Struts: Unused Validation Form
  373. Struts: Unvalidated Action Form
  374. Struts: Validator Turned Off
  375. Struts: Validator Without Form Field
  376. Substitution Character
  377. Symbolic name not mapping to correct object
  378. System Configuration Issues
  379. System Information Leak
  380. System Information Leak: Missing Catch Block
  381. System Operations Issues
  382. Technology-specific Environment Issues
  383. Technology-Specific Input Validation Problems
  384. Technology-Specific Special Elements
  385. Technology-Specific Time and State Issues
  386. Template:Vulnerability
  387. Temporary File Issues
  388. Testing Issues
  389. The UI performs the wrong action
  390. Time and State
  391. Time of check, time of use race condition
  392. Time of Introduction
  393. Time-of-check Time-of-use race condition
  394. Timing discrepancy infoleak
  395. Trailing Special Element
  396. Trapdoor
  397. Truncation error
  398. Truncation of Security-relevant Information
  399. Trust Boundary Violation
  400. Trust of system event data
  401. Trusting self-reported DNS name
  402. Trusting self-reported IP address
  403. UI Misrepresentation of Critical Information
  404. Uncaught exception
  405. Unchecked array indexing
  406. Unchecked Return Value: Missing Check against Null
  407. Uncontrolled Search Path Element
  408. Undefined Behavior
  409. Undefined Parameter Error
  410. Undefined Value Error
  411. Unexpected Status Code or Return Value
  412. Unimplemented or unsupported feature in UI
  413. Uninitialized Variable
  414. Unintended proxy/intermediary
  415. Unintentional pointer scaling
  416. UNIX file descriptor leak
  417. UNIX hard link
  418. UNIX Path Link problems
  419. UNIX symbolic link (symlink) following
  420. Unparsed Raw Web Content Delivery
  421. Unprotected Alternate Channel
  422. Unprotected Primary Channel
  423. Unquoted Search Path or Element
  424. Unreleased Resource
  425. Unrestricted Critical Resource Lock
  426. Unrestricted File Upload
  427. Unsafe function call from a signal handler
  428. Unsafe JNI
  429. Unsafe Mobile Code: Access Violation
  430. Unsafe Mobile Code: Dangerous Array Declaration
  431. Unsafe Mobile Code: Dangerous Public Field
  432. Unsafe Mobile Code: Inner Class
  433. Unsafe Mobile Code: Public finalize() Method
  434. Unsafe Privilege
  435. Unsafe Reflection
  436. Unsigned to signed conversion error
  437. Untrusted Data Appended with Trusted Data
  438. Unverified Ownership
  439. URL Encoding (Hex Encoding)
  440. Use of hard-coded password
  441. Use of Less Trusted Source
  442. Use of Obsolete Methods
  443. Use of sizeof() on a pointer type
  444. User interface inconsistency
  445. User Interface Quality Errors
  446. User Interface Security Errors
  447. User management errors
  448. Using a broken or risky cryptographic algorithm
  449. Using a key past its expiration date
  450. Using freed memory
  451. Using password systems
  452. Using referer field for authentication or authorization
  453. Using single-factor authentication
  454. Using the wrong operator
  455. Validate-Before-Canonicalize
  456. Validate-Before-Filter
  457. Validation performed in client
  458. Value Delimiter
  459. Value Problems
  460. Variable Name Delimiter
  461. Virtual Files
  462. Weak credentials
  463. Weak Encryption
  464. Wrap-around error
  465. Write-what-where condition
  466. Wrong Data Type
  467. Wrong Status Code
