ASDR TOC Vulnerabilities
- lyva
- Dec 28, 2011
- 0 Comment
Source: https://www.owasp.org/index.php/ASDR_TOC_Vulnerabilities
- Access control enforced by presentation layer
- Addition of data-structure sentinel
- Allowing password aging
- ASP.NET Misconfigurations
- Assigning instead of comparing
- Authentication Bypass via Assumed-Immutable Data
- Buffer Overflow
- Buffer underwrite
- Business logic vulnerability
- Capture-replay
- Catch NullPointerException
- Comparing classes by name
- Comparing instead of assigning
- Comprehensive list of Threats to Authentication Procedures and Data
- Covert timing channel
- CRLF Injection
- Cross Site Scripting Flaw
- Dangerous Function
- Deletion of data-structure sentinel
- Deserialization of untrusted data
- Directory Restriction Error
- Double Free
- Doubly freeing memory
- Duplicate key in associative list (alist)
- Empty Catch Block
- Empty String Password
- Failure of true random number generator
- Failure to account for default case in switch
- Failure to add integrity check value
- Failure to check for certificate revocation
- Failure to check integrity check value
- Failure to check whether privileges were dropped successfully
- Failure to deallocate data
- Failure to drop privileges when reasonable
- Failure to encrypt data
- Failure to follow chain of trust in certificate validation
- Failure to follow guideline/specification
- Failure to protect stored data from modification
- Failure to provide confidentiality for stored data
- Failure to validate certificate expiration
- Failure to validate host-specific certificate data
- File Access Race Condition: TOCTOU
- Format String
- Guessed or visible temporary file
- Hard-Coded Password
- Heap Inspection
- Heap overflow
- Ignored function return value
- Illegal Pointer Value
- Improper cleanup on thrown exception
- Improper Data Validation
- Improper error handling
- Improper string length checking
- Improper temp file opening
- Incorrect block delimitation
- Information Leakage
- Information leak through class cloning
- Information leak through serialization
- Injection problem
- Insecure Compiler Optimization
- Insecure Randomness
- Insecure Temporary File
- Insecure Third Party Domain Access
- Insecure Transport
- Insufficient Entropy
- Insufficient entropy in pseudo-random number generator
- Insufficient Session-ID Length
- Integer coercion error
- Integer overflow
- Invoking untrusted mobile code
- J2EE Misconfiguration: Unsafe Bean Declaration
- Key exchange without entity authentication
- Least Privilege Violation
- Leftover Debug Code
- Log Forging
- Log injection
- Member Field Race Condition
- Memory leak
- Miscalculated null termination
- Misinterpreted function return value
- Missing Error Handling
- Missing parameter
- Missing XML Validation
- Mutable object returned
- Non-cryptographic pseudo-random number generator
- Not allowing password aging
- Not using a random initialization vector with cipher block chaining mode
- Null Dereference
- Object Model Violation: Just One of equals() and hashCode() Defined
- Often Misused: Authentication
- Often Misused: Exception Handling
- Often Misused: File System
- Often Misused: Privilege Management
- Often Misused: String Management
- Omitted break statement
- Open forward
- Open redirect
- Overflow of static internal buffer
- Overly-Broad Catch Block
- Overly-Broad Throws Declaration
- Passing mutable objects to an untrusted method
- Password Management: Hardcoded Password
- Password Management: Weak Cryptography
- Password Plaintext Storage
- PHP File Inclusion
- Poor Logging Practice
- Portability Flaw
- Privacy Violation
- PRNG Seed Error
- Process Control
- Publicizing of private data when using inner classes
- Race Conditions
- Reflection attack in an auth protocol
- Reflection injection
- Relative path library search
- Reliance on data layout
- Relying on package-level scope
- Resource exhaustion
- Return Inside Finally Block
- Reusing a nonce, key pair in encryption
- Session_Fixation
- Sign extension error
- Signed to unsigned conversion error
- Stack overflow
- State synchronization error
- Storing passwords in a recoverable format
- String Termination Error
- Symbolic name not mapping to correct object
- Template:Vulnerability
- Truncation error
- Trust Boundary Violation
- Trust of system event data
- Trusting self-reported DNS name
- Trusting self-reported IP address
- Uncaught exception
- Unchecked array indexing
- Unchecked Return Value: Missing Check against Null
- Undefined Behavior
- Uninitialized Variable
- Unintentional pointer scaling
- Unreleased Resource
- Unrestricted File Upload
- Unsafe function call from a signal handler
- Unsafe JNI
- Unsafe Mobile Code
- Unsafe Reflection
- Unsigned to signed conversion error
- Use of hard-coded password
- Use of Obsolete Methods
- Use of sizeof() on a pointer type
- Using a broken or risky cryptographic algorithm
- Using a key past its expiration date
- Using freed memory
- Using password systems
- Using referer field for authentication or authorization
- Using single-factor authentication
- Using the wrong operator
- Validation performed in client
- Wrap-around error
- Write-what-where condition