ASDR TOC Vulnerabilities

From OWASP
Revision as of 14:28, 28 January 2009 by KirstenS (Talk | contribs)



This page was marked to be reviewed for deletion.


Back to TOC

  1. Access control enforced by presentation layer
  2. Accidental leaking of sensitive information through data queries
  3. Accidental leaking of sensitive information through error messages
  4. Accidental leaking of sensitive information through sent data
  5. Addition of data-structure sentinel
  6. Allowing password aging
  7. ASP.NET Misconfiguration: Creating Debug Binary
  8. ASP.NET Misconfiguration: Missing Custom Error Handling
  9. ASP.NET Misconfiguration: Password in Configuration File
  10. Assigning instead of comparing
  11. Authentication Bypass by Primary Weakness
  12. Authentication Bypass via Assumed-Immutable Data
  13. Behavioral Change
  14. Behavioral Discrepancy Infoleak
  15. Behavioral problems
  16. Buffer Overflow
  17. Buffer over-read
  18. Buffer under-read
  19. Buffer underwrite
  20. Bundling Issues
  21. Byte/Object Code
  22. Capture-replay
  23. Case Sensitivity (lowercase, uppercase, mixed case)
  24. Catch NullPointerException
  25. Channel and Path Errors
  26. Cleansing, Canonicalization, and Comparison Errors
  27. Code Correctness: Call to System.gc()
  28. Code Correctness: Call to Thread.run()
  29. Code Correctness: Class Does Not Implement Cloneable
  30. Code Correctness: Double-Checked Locking
  31. Code Correctness: Erroneous finalize() Method
  32. Code Correctness: Erroneous String Compare
  33. Code Correctness: Misspelled Method Name
  34. Code Correctness: null Argument to equals()
  35. Collapse of Data into Unsafe Value
  36. Common Special Element Manipulations
  37. Comparing classes by name
  38. Comparing instead of assigning
  39. Comprehensive list of Threats to Authentication Procedures and Data
  40. Context Switching Race Condition
  41. Covert timing channel
  42. CRLF Injection
  43. Cross Site Scripting Flaw
  44. Cross-Boundary Cleansing Infoleak
  45. Dangerous Function
  46. Dangerous handler not cleared/disabled during sensitive operations
  47. Data Amplification
  48. Data Leaking Between Users
  49. Data Structure Issues
  50. Dead Code: Broken Override
  51. Dead Code: Expression is Always False
  52. Dead Code: Expression is Always True
  53. Dead Code: Unused Field
  54. Dead Code: Unused Method
  55. Deletion of data-structure sentinel
  56. Delimiter between Expressions or Commands
  57. Delimiter Problems
  58. Deserialization of untrusted data
  59. Directory Restriction Error
  60. Discrepancy Information Leaks
  61. Double Free
  62. Doubled character XSS manipulations
  63. Doubly freeing memory
  64. Duplicate key in associative list (alist)
  65. Early Amplification
  66. EJB Bad Practices: Use of AWT/Swing
  67. EJB Bad Practices: Use of Class Loader
  68. EJB Bad Practices: Use of java.io
  69. EJB Bad Practices: Use of Sockets
  70. EJB Bad Practices: Use of Synchronization Primitives
  71. Empty Catch Block
  72. Empty String Password
  73. Error Conditions, Return Values, Status Codes
  74. Error Message Infoleaks
  75. Escape, Meta, or Control Character / Sequence
  76. Expected behavior violation
  77. External behavioral inconsistency infoleak
  78. External initialization of trusted variables or values
  79. Extra Parameter Error
  80. Extra Special Element
  81. Extra Unhandled Features
  82. Extra Value Error
  83. Fails poorly due to insufficient permissions
  84. Failure of true random number generator
  85. Failure to account for default case in switch
  86. Failure to add integrity check value
  87. Failure to check for certificate revocation
  88. Failure to check integrity check value
  89. Failure to check whether privileges were dropped successfully
  90. Failure to deallocate data
  91. Failure to drop privileges when reasonable
  92. Failure to encrypt data
  93. Failure to follow chain of trust in certificate validation
  94. Failure to protect stored data from modification
  95. Failure to provide confidentiality for stored data
  96. Failure to validate certificate expiration
  97. Failure to validate host-specific certificate data
  98. File Access Race Condition: TOCTOU
  99. Format String
  100. General Special Element Problems
  101. Grouping Element / Paired Delimiter
  102. Guessed or visible temporary file
  103. Hard-Coded Password
  104. Heap Inspection
  105. Heap overflow
  106. Ignored function return value
  107. Illegal Pointer Value
  108. Improper cleanup on thrown exception
  109. Improper error handling
  110. Improper Handler Deployment
  111. Improper Null Termination
  112. Improper resource shutdown or release
  113. Improper string length checking
  114. Improper temp file opening
  115. Improperly Implemented Security Check for Standard
  116. Improperly Trusted Reverse DNS
  117. Improperly Verified Signature
  118. Incomplete Blacklist
  119. Incomplete Cleanup
  120. Incomplete Element
  121. Incomplete Internal State Distinction
  122. Inconsistent Implementations
  123. Inconsistent Special Elements
  124. Incorrect block delimitation
  125. Incorrect initialization
  126. Incorrect Privilege Assignment
  127. Infoleak Using Debug Information
  128. Information Leak (information disclosure)
  129. Information leak through class cloning
  130. Information leak through serialization
  131. Information loss or omission
  132. Initialization and Cleanup Errors
  133. Injection problem
  134. Input Terminator
  135. Insecure Compiler Optimization
  136. Insecure Default Permissions
  137. Insecure default variable initialization
  138. Insecure execution-assigned permissions
  139. Insecure inherited permissions
  140. Insecure preserved inherited permissions
  141. Insecure Randomness
  142. Insecure Temporary File
  143. Insecure Third Party Domain Access
  144. Installation Issues
  145. Insufficient Entropy
  146. Insufficient entropy in pseudo-random number generator
  147. Insufficient privileges
  148. Insufficient Resource Locking
  149. Insufficient Resource Pool
  150. Insufficient Type Distinction
  151. Insufficient UI warning of dangerous operations
  152. Insufficient Verification of Data
  153. Integer coercion error
  154. Integer overflow
  155. Intended information leak
  156. Interaction Errors
  157. Internal behavioral inconsistency infoleak
  158. Internal Special Element
  159. Invalid Characters in Identifiers
  160. Invoking untrusted mobile code
  161. J2EE Bad Practices: getConnection()
  162. J2EE Bad Practices: JSP Expressions
  163. J2EE Bad Practices: Sockets
  164. J2EE Bad Practices: System.exit()
  165. J2EE Bad Practices: Threads
  166. J2EE Misconfiguration: Insecure Transport
  167. J2EE Misconfiguration: Insufficient Session-ID Length
  168. J2EE Misconfiguration: Missing Error Handling
  169. J2EE Misconfiguration: Unsafe Bean Declaration
  170. J2EE Misconfiguration: Weak Access Permissions
  171. J2EE Time and State Issues
  172. Key exchange without entity authentication
  173. Key management errors
  174. Leading Special Element
  175. Least Privilege Violation
  176. Leftover Debug Code
  177. Length Parameter Inconsistency
  178. Line Delimiter
  179. Log Forging
  180. Log injection
  181. Mac virtual file problems
  182. Macro symbol
  183. Member Field Race Condition
  184. Memory leak
  185. Miscalculated null termination
  186. Misinterpretation error
  187. Misinterpreted function return value
  188. Missing access control
  189. Missing critical step in authentication
  190. Missing element error
  191. Missing error status code
  192. Missing handler
  193. Missing initialization
  194. Missing lock check
  195. Missing parameter
  196. Missing required cryptographic step
  197. Missing special element
  198. Missing value error
  199. Missing XML Validation
  200. Mixed encoding
  201. Modification of assumed-immutable data
  202. Multiple failed authentication attempts not prevented
  203. Multiple internal special element
  204. Multiple interpretation error (MIE)
  205. Multiple interpretations of UI input
  206. Multiple Leading Special Elements
  207. Multiple Trailing Special Elements
  208. Mutable object returned
  209. Mutable objects passed by reference
  210. No authentication for critical function
  211. Non-cryptographic pseudo-random number generator
  212. Non-exit on failed initialization
  213. Non-replicating
  214. Not allowing password aging
  215. Not using a random initialization vector with cipher block chaining mode
  216. Null character / null byte
  217. Null Dereference
  218. Numeric Byte Ordering Error
  219. Numeric Errors
  220. Object Model Violation: Just One of equals() and hashCode() Defined
  221. Obscured Security-relevant Information by Alternate Name
  222. Obsolete feature in UI
  223. Off-by-one Error
  224. Often Misused: Authentication
  225. Often Misused: Exception Handling
  226. Often Misused: File System
  227. Often Misused: Path Manipulation
  228. Often Misused: Privilege Management
  229. Often Misused: String Management
  230. Omission of Security-relevant Information
  231. Omitted break statement
  232. Open forward
  233. Open redirect
  234. Origin Validation Error
  235. Other length calculation error
  236. Out-of-bounds Read
  237. Overflow of static internal buffer
  238. Overly Restrictive Regular Expression
  239. Overly-Broad Catch Block
  240. Overly-Broad Throws Declaration
  241. Ownership errors
  242. Parameter Problems
  243. Partial Comparison
  244. Passing mutable objects to an untrusted method
  245. Password Management: Hardcoded Password
  246. Password Management: Weak Cryptography
  247. Password Plaintext Storage
  248. Patch Issues
  249. Path Equivalence
  250. Path Issue - asterisk wildcard - filedir*
  251. Path Issue - backslash absolute path - /absolute/pathname/here
  252. Path Issue - directory doubled dot dot backslash
  253. Path Issue - directory doubled dot dot slash
  254. Path Issue - dirname/fakechild/
  255. Path Issue - dot dot backslash
  256. Path Issue - doubled dot dot slash
  257. Path Issue - doubled triple dot slash
  258. Path Issue - drive letter or Windows volume - 'C:dirname'
  259. Path Issue - internal dot - 'file.ordir'
  260. Path Issue - internal space - file(SPACE)name
  261. Path Issue - leading directory dot dot backslash
  262. Path Issue - leading directory dot dot slash
  263. Path Issue - leading dot dot backslash
  264. Path Issue - leading dot dot slash
  265. Path Issue - leading space
  266. Path Issue - multiple dot
  267. Path Issue - multiple internal backslash
  268. Path Issue - multiple leading slash
  269. Path Issue - multiple trailing dot
  270. Path Issue - multiple trailing slash
  271. Path Issue - single dot directory
  272. Path Issue - slash absolute path
  273. Path Issue - trailing backslash
  274. Path Issue - trailing dot
  275. Path Issue - trailing slash
  276. Path Issue - trailing space
  277. Path Issue - triple dot
  278. Path Issue - Windows 8.3 Filename
  279. Path Issue - Windows UNC share - '/UNC/share/name/'
  280. Pathname Traversal and Equivalence Errors
  281. Permission errors
  282. Permission preservation failure
  283. Permissions, Privileges, and ACLs
  284. Permissive Whitelist
  285. PHP External Variable Modification
  286. PHP File Inclusion
  287. Plaintext Storage in Cookie
  288. Plaintext Storage in Executable
  289. Plaintext Storage in File or on Disk
  290. Plaintext Storage in GUI
  291. Plaintext Storage in Memory
  292. Plaintext Storage of Sensitive Information
  293. Pointer Issues
  294. Poor Logging Practice: Logger Not Declared Static Final
  295. Poor Logging Practice: Multiple Loggers
  296. Poor Logging Practice: Use of a System Output Stream
  297. Poor Style: Confusing Naming
  298. Poor Style: Empty Synchronized Block
  299. Poor Style: Explicit call to finalize()
  300. Poor Style: Identifier Contains Dollar Symbol ($)
  301. Portability Flaw
  302. Porting Issues
  303. Predictability problems
  304. Predictable Exact Value from Previous Values
  305. Predictable from Observable State
  306. Predictable Seed in PRNG
  307. Predictable Value Range from Previous Values
  308. Privacy Violation
  309. Private Array-Typed Field Returned From A Public Method
  310. Privilege / sandbox errors
  311. Privilege Chaining
  312. Privilege Context Switching Error
  313. Privilege Dropping / Lowering Errors
  314. Privilege Management Error
  315. PRNG Seed Error
  316. Process Control
  317. Process information infoleak to other processes
  318. Product UI does not warn user of unsafe actions
  319. Product-External Error Message Infoleak
  320. Product-Generated Error Message Infoleak
  321. Proxied Trusted Channel
  322. Public Data Assigned to Private Array-Typed Field
  323. Publicizing of private data when using inner classes
  324. Quoting Element
  325. Race condition enabling link following
  326. Race condition in checking for certificate revocation
  327. Race condition in signal handler
  328. Race condition in switch
  329. Race condition within a thread
  330. Race Conditions
  331. Randomness and Predictability
  332. Record Delimiter
  333. Reflection attack in an auth protocol
  334. Reflection injection
  335. Regular Expression Error
  336. Relative path library search
  337. Reliance on data layout
  338. Relying on package-level scope
  339. Representation Errors
  340. Requirements Issues
  341. Resource exhaustion
  342. Resource leaks
  343. Resource Locking problems
  344. Resource Management Errors
  345. Response discrepancy infoleak
  346. Return Inside Finally Block
  347. Reusing a nonce, key pair in encryption
  348. Reversible One-Way Hash
  349. Same Seed in PRNG
  350. Section Delimiter
  351. Sensitive Data Under FTP Root
  352. Sensitive Data Under Web Root
  353. Sensitive Information Uncleared Before Use
  354. Session Fixation
  355. Sign extension error
  356. Signal Errors
  357. Signed to unsigned conversion error
  358. Small Seed Space in PRNG
  359. Small Space of Random Values
  360. Stack overflow
  361. State synchronization error
  362. Static Value in Unpredictable Context
  363. Storing passwords in a recoverable format
  364. String Termination Error
  365. Struts: Duplicate Validation Forms
  366. Struts: Erroneous validate() Method
  367. Struts: Form Bean Does Not Extend Validation Class
  368. Struts: Form Does Not Extend Validation Class
  369. Struts: Form Field Without Validator
  370. Struts: Plug-in Framework Not In Use
  371. Struts: Unused Validation Form
  372. Struts: Unvalidated Action Form
  373. Struts: Validator Turned Off
  374. Struts: Validator Without Form Field
  375. Substitution Character
  376. Symbolic name not mapping to correct object
  377. System Configuration Issues
  378. System Information Leak
  379. System Information Leak: Missing Catch Block
  380. System Operations Issues
  381. Technology-specific Environment Issues
  382. Technology-Specific Input Validation Problems
  383. Technology-Specific Special Elements
  384. Technology-Specific Time and State Issues
  385. Template:Vulnerability
  386. Temporary File Issues
  387. Testing Issues
  388. The UI performs the wrong action
  389. Time and State
  390. Time of check, time of use race condition
  391. Time of Introduction
  392. Time-of-check Time-of-use race condition
  393. Timing discrepancy infoleak
  394. Trailing Special Element
  395. Trapdoor
  396. Truncation error
  397. Truncation of Security-relevant Information
  398. Trust Boundary Violation
  399. Trust of system event data
  400. Trusting self-reported DNS name
  401. Trusting self-reported IP address
  402. UI Misrepresentation of Critical Information
  403. Uncaught exception
  404. Unchecked array indexing
  405. Unchecked Return Value: Missing Check against Null
  406. Uncontrolled Search Path Element
  407. Undefined Behavior
  408. Undefined Parameter Error
  409. Undefined Value Error
  410. Unexpected Status Code or Return Value
  411. Unimplemented or unsupported feature in UI
  412. Uninitialized Variable
  413. Unintended proxy/intermediary
  414. Unintentional pointer scaling
  415. UNIX file descriptor leak
  416. UNIX hard link
  417. UNIX Path Link problems
  418. UNIX symbolic link (symlink) following
  419. Unparsed Raw Web Content Delivery
  420. Unprotected Alternate Channel
  421. Unprotected Primary Channel
  422. Unquoted Search Path or Element
  423. Unreleased Resource
  424. Unrestricted Critical Resource Lock
  425. Unrestricted File Upload
  426. Unsafe function call from a signal handler
  427. Unsafe JNI
  428. Unsafe Mobile Code: Access Violation
  429. Unsafe Mobile Code: Dangerous Array Declaration
  430. Unsafe Mobile Code: Dangerous Public Field
  431. Unsafe Mobile Code: Inner Class
  432. Unsafe Mobile Code: Public finalize() Method
  433. Unsafe Privilege
  434. Unsafe Reflection
  435. Unsigned to signed conversion error
  436. Untrusted Data Appended with Trusted Data
  437. Unverified Ownership
  438. URL Encoding (Hex Encoding)
  439. Use of hard-coded password
  440. Use of Less Trusted Source
  441. Use of Obsolete Methods
  442. Use of sizeof() on a pointer type
  443. User interface inconsistency
  444. User Interface Quality Errors
  445. User Interface Security Errors
  446. User management errors
  447. Using a broken or risky cryptographic algorithm
  448. Using a key past its expiration date
  449. Using freed memory
  450. Using password systems
  451. Using referer field for authentication or authorization
  452. Using single-factor authentication
  453. Using the wrong operator
  454. Validate-Before-Canonicalize
  455. Validate-Before-Filter
  456. Validation performed in client
  457. Value Delimiter
  458. Value Problems
  459. Variable Name Delimiter
  460. Virtual Files
  461. Weak credentials
  462. Weak Encryption
  463. Wrap-around error
  464. Write-what-where condition
  465. Wrong Data Type
  466. Wrong Status Code
