# Security: Impact of Various Vulnerabilities - Paiet/Tech-Journal-for-Everything GitHub Wiki

## Race conditions

- A situation in which a system tries to accomplish two or more operations at the same time.
- If the operations need to be processed sequentially, there might be a condition in which the operations are processed incorrectly, causing a crash or data corruption.
- Light switch analogy (more than one switch controlling the same light can render all of the switches irrelevant).
- Example: a system receives two operations on a large amount of data, where one operation is a read and the other is a write.
  - Old data might be overwritten before the read process finishes.
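The read/write race above is one form of the problem; the same thing happens whenever a check and the action that depends on it are two separate steps. The following added example (not code from the wiki) models that with a bank account whose `withdraw` first checks the balance and then subtracts. Two threads run the unguarded version and both pass the check, so the balance goes negative; the guarded version serializes check-and-act with a lock. The `Account` class, the balances and the sleep that widens the window are all constructed for the demonstration.

```python
import threading
import time


class Account:
    """Constructed sample: a balance with check-then-act withdrawals."""

    def __init__(self, balance, use_lock):
        self.balance = balance
        self.use_lock = use_lock
        self._lock = threading.Lock()

    def _unsafe_withdraw(self, amount):
        # Step 1: check. Step 2: act. Nothing stops another thread from
        # running its own check between these two steps, so two withdrawals
        # can both be approved against the same starting balance.
        if self.balance >= amount:
            time.sleep(0.1)  # widens the window so the race reproduces reliably
            self.balance -= amount
            return True
        return False

    def _safe_withdraw(self, amount):
        # Holding the lock makes check-and-act one indivisible operation:
        # the second thread's check runs only after the first has subtracted.
        with self._lock:
            return self._unsafe_withdraw(amount)

    def withdraw(self, amount):
        if self.use_lock:
            return self._safe_withdraw(amount)
        return self._unsafe_withdraw(amount)


def run_concurrent_withdrawals(start_balance, amount, workers, use_lock):
    """Start `workers` threads that each try to withdraw `amount` once.

    Returns the final balance so the outcome can be inspected or asserted.
    """
    account = Account(start_balance, use_lock)
    threads = [
        threading.Thread(target=account.withdraw, args=(amount,))
        for _ in range(workers)
    ]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return account.balance


if __name__ == "__main__":
    # Two withdrawals of 80 from a balance of 100: only one should succeed.
    print("without lock:", run_concurrent_withdrawals(100, 80, 2, use_lock=False))
    print("with lock:   ", run_concurrent_withdrawals(100, 80, 2, use_lock=True))
```

The lock is the "process sequentially" requirement from the notes made explicit; the same fix applies to the read/write case, where the writer must wait until the reader has finished with the data.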
## Vulnerabilities due to:

- End-of-life systems
- Embedded systems
  - Lack of software updates
  - Could be new technology with old software
  - Code injection attacks
- Lack of vendor support

## Improper input handling

- The application trusts external entities and the data they send.
- Not checking/validating the data coming from the client or an external source.
- Not checking for syntax correctness.
- Larger or more complex applications can have multiple data entry points.
- DoS situations can happen when resource exhaustion is accomplished by flooding the system with unexpected input.

## Improper error handling

Examples (Incorrect):

- Login for User: Invalid Password
- Login Failed: Invalid User ID
- Login Failed: Account Disabled
- Login Failed: User is not active

Examples (Correct):

- Login Failed: Invalid UserID or Password
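The two sections above (input handling and error handling) come together in a login routine, so here is one added example covering both; it is not code from the wiki. The user IDs are syntax-checked against an allowlist pattern and the password length is bounded before anything is looked up, and every failure returns the single generic message from the notes while the specific reason (unknown user, wrong password, disabled or inactive account) goes only to a server-side audit log. The user store, the passwords and the `AUDIT_LOG` list are constructed for the demonstration.

```python
import hashlib
import hmac
import os
import re

# Allowlist syntax check: run before the value is used for anything.
USER_ID_RE = re.compile(r"^[A-Za-z0-9._-]{1,32}$")
MAX_PASSWORD_LEN = 128  # bounds the work a flood of oversized input can force
GENERIC_FAILURE = "Login Failed: Invalid UserID or Password"
PBKDF2_ROUNDS = 50_000


def _hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def _make_user(password, status):
    salt = os.urandom(16)
    return {"salt": salt, "hash": _hash_password(password, salt), "status": status}


# Constructed sample user store (not real accounts).
USERS = {
    "alice": _make_user("correct horse", "active"),
    "bob": _make_user("hunter2", "disabled"),
    "carol": _make_user("letmein", "inactive"),
}

# Server-side only: the detailed reason is recorded here, never sent back.
AUDIT_LOG = []


def authenticate(user_id, password):
    """Return (success, message). `message` is identical for every failure."""
    # Improper input handling: reject malformed or oversized input up front.
    if not isinstance(user_id, str) or not USER_ID_RE.match(user_id):
        AUDIT_LOG.append(f"reject user_id={user_id!r}: malformed user id")
        return False, GENERIC_FAILURE
    if not isinstance(password, str) or len(password) > MAX_PASSWORD_LEN:
        AUDIT_LOG.append(f"reject user_id={user_id}: bad password length")
        return False, GENERIC_FAILURE

    user = USERS.get(user_id)
    if user is None:
        # Hash anyway so response time does not reveal whether the ID exists.
        _hash_password(password, b"\x00" * 16)
        AUDIT_LOG.append(f"fail user_id={user_id}: unknown user")
        return False, GENERIC_FAILURE
    if not hmac.compare_digest(_hash_password(password, user["salt"]), user["hash"]):
        AUDIT_LOG.append(f"fail user_id={user_id}: wrong password")
        return False, GENERIC_FAILURE
    if user["status"] != "active":
        AUDIT_LOG.append(f"fail user_id={user_id}: account {user['status']}")
        return False, GENERIC_FAILURE

    AUDIT_LOG.append(f"ok user_id={user_id}")
    return True, "Login OK"


if __name__ == "__main__":
    for uid, pw in [("alice", "correct horse"), ("alice", "wrong"), ("nobody", "x"),
                    ("bob", "hunter2"), ("carol", "letmein"), ("bob'; --", "x")]:
        print(uid, "->", authenticate(uid, pw))
    print("\n".join(AUDIT_LOG))
```

The point of the generic message is that an attacker enumerating accounts learns nothing from the response, while the operator still has the detailed reason in the audit log for troubleshooting and detection.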
## Misconfiguration/weak configuration

- Default configuration
- Resource exhaustion (mentioned under Improper input handling)
- Untrained users
- Improperly configured accounts
  - Guest accounts
  - Administrator accounts
  - Shared accounts
  - Managed service accounts
  - Not implementing SSO

## Vulnerable business processes

Any process that, when interrupted, could imperil the dependability of the operations that rely on it. Vulnerability management tools as well as trend analysis should be implemented to correctly identify these processes along with their associated dependencies.

## Weak cipher suites and implementations

- SSL 2.0/3.0
- TLS 1.0 (no downgrade to SSL 3.0), 1.1, 1.2
- WEP, WPA, WPA2
- PPTP/MPPE vs L2TP/IPSec
- RC4 vs RC5
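To turn the cipher suite list above into something checkable, here is an added example (not from the wiki) that audits TLS settings with Python's standard `ssl` module: a pure function flags cipher suite names built on weak primitives (RC4, DES/3DES, NULL, export grades, MD5, anonymous key exchange) or a minimum protocol version below TLS 1.2, and a second function builds a client context with those weaknesses removed. The weak-token list, the `MIN_ACCEPTABLE` threshold and the sample cipher names are choices made for this example.

```python
import ssl

# Tokens in an OpenSSL cipher suite name that mark it as weak or unauthenticated.
WEAK_TOKENS = {"RC4", "RC2", "DES", "3DES", "NULL", "EXP", "EXPORT",
               "MD5", "ADH", "AECDH", "ANON"}
MIN_ACCEPTABLE = ssl.TLSVersion.TLSv1_2  # SSL 2/3, TLS 1.0 and 1.1 are below this

# Constructed sample list mixing legacy and modern suite names.
SAMPLE_CIPHERS = ["RC4-SHA", "DES-CBC3-SHA", "NULL-MD5", "EXP-RC2-CBC-MD5",
                  "ECDHE-RSA-AES256-GCM-SHA384", "TLS_AES_128_GCM_SHA256"]


def audit_cipher_names(names):
    """Return the cipher suite names whose components include a weak token."""
    findings = []
    for name in names:
        tokens = set(name.replace("_", "-").upper().split("-"))
        if tokens & WEAK_TOKENS:
            findings.append(name)
    return findings


def audit_tls_settings(minimum_version, cipher_names):
    """Return a list of human-readable findings; empty means the settings pass."""
    findings = []
    if minimum_version < MIN_ACCEPTABLE:
        findings.append(f"minimum protocol version {minimum_version!r} is below TLS 1.2")
    for name in audit_cipher_names(cipher_names):
        findings.append(f"weak cipher suite enabled: {name}")
    return findings


def audit_context(ctx):
    """Audit a live ssl.SSLContext using the two settings above."""
    return audit_tls_settings(ctx.minimum_version,
                              [c["name"] for c in ctx.get_ciphers()])


def hardened_client_context():
    """Client context that refuses anything older than TLS 1.2 and only offers
    forward-secret AEAD suites."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:!aNULL:!eNULL:!MD5:!RC4:!3DES:!DES")
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


if __name__ == "__main__":
    print("weak suites in sample:", audit_cipher_names(SAMPLE_CIPHERS))
    print("hardened context findings:", audit_context(hardened_client_context()))
```

`audit_context` can be pointed at any context an application builds, which makes the check usable as a unit test that fails when someone re-enables a legacy suite or lowers the minimum version.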
## Memory/buffer vulnerability

- Memory leak
- Integer overflow
  - 8 bits of data are required to store the number 155 (10011011). If a process adds 101 to this value, 8 bits no longer hold the result, because 256 takes 9 bits (100000000).
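The 155 + 101 case above, worked through in code as an added example (not from the wiki): one function models what an 8-bit register does, truncating the sum to the low 8 bits so 256 silently becomes 0, and a second checked version refuses to return a truncated value. The bit width and the function names are chosen for this example.

```python
BITS = 8
MASK = (1 << BITS) - 1  # 0xFF, the largest value 8 bits can hold (255)


def add_wrapping(a, b, bits=BITS):
    """Model the hardware behaviour: keep only the low `bits` bits of the sum.

    Returns (stored_value, overflowed).
    """
    mask = (1 << bits) - 1
    total = a + b
    return total & mask, total > mask


def add_checked(a, b, bits=BITS):
    """Defensive version: raise instead of silently truncating the result."""
    total = a + b
    if total > (1 << bits) - 1:
        raise OverflowError(
            f"{a} + {b} = {total} needs {total.bit_length()} bits, only {bits} available"
        )
    return total


def bits_needed(n):
    """Number of bits required to store the non-negative integer n."""
    return n.bit_length()


if __name__ == "__main__":
    a, b = 155, 101
    stored, overflowed = add_wrapping(a, b)
    print(f"{a} = 0b{a:08b}, {b} = 0b{b:08b}")
    print(f"true sum {a + b} needs {bits_needed(a + b)} bits (0b{a + b:b})")
    print(f"stored in {BITS} bits: {stored} (0b{stored:08b}), overflow={overflowed}")
    try:
        add_checked(a, b)
    except OverflowError as exc:
        print("checked add refused:", exc)
```

The wrapped result is what makes the bug dangerous: a length or counter that should be 256 reads as 0, and any size check or loop bound computed from it is then wrong.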
- Buffer overflow
- Pointer dereference
  - Also known as NULL pointer dereference
  - Can cause application crashes
  - Can cause code injection depending on application privileges
- DLL injection
  1. Attach to the process
  2. Allocate memory within the process
  3. Copy the DLL or the DLL path into the process's memory and determine the appropriate memory addresses
  4. Instruct the process to execute your DLL

## System sprawl

Sprawl is a common issue when configuration management and baselines are not implemented. When a system sprawls it can consume more resources than necessary as well as stray from its baseline configuration. Properly documented configuration management can assist with this vulnerability.

## Architecture/design weaknesses

Design flaws within a system can expose business processes, data and devices to multiple vulnerabilities, for example unpatched systems, lack of malware protection, lack of input validation, etc. The design and architecture of a system needs to be reviewed continually to ensure proper security.

## New threats/zero day

- Most tools rely on a database of only KNOWN threats
- Polymorphic, code-morphing, and obfuscation techniques make it hard for these tools to maintain a database of known threats
- On average a threat can remain unknown to the public, including vendors, for 8 months to a year
- Very popular for purchase on the black market

## Improper certificate and key management

- Unauthorized disclosure of the private key
- Key modification
- Key integrity issue or corruption
- Improper key usage (show key usage in Chrome > Developer Tools > Security tab at top)