Presentation is loading. Please wait.

Presentation is loading. Please wait.

Host and Application Security Lesson 9: Vulnerabilities, part 1.

Published byTiffany Horn Modified over 9 years ago

Similar presentations

Presentation on theme: "Host and Application Security Lesson 9: Vulnerabilities, part 1."— Presentation transcript:

1 Host and Application Security Lesson 9: Vulnerabilities, part 1

2 We now have a background…  … in how things are supposed to work

3 Escalation of Privilege  Now we know about authentication and access control, what is this about?  Right!  Two kinds: Horizontal Vertical

4  Get access to something that has more privilege than you  Example: passwd bugs in Unix  In this case, this violates TOCTOU

5 Horizontal  User A gets to read User B’s files  An example might be predictable session IDs or user IDs in a web application  User A doesn’t escalate, but they do get more…

6 Race Conditions  A race condition is where the output of a system depends upon the timing of the input  This can occur at all kinds of levels – even a logic gate!  A race condition can occur when multiple threads access a global variable without locking

7 Misconfigurations  A web server which allows remote users to access things they should not  A sendmail server that allows relay  Smurf: missing no ip directed-broadcast

8 Design Flaws  A design flaw is perhaps the worst kind of vulnerability to fix  Case study: Microsoft Word Macro Viruses  Simple example: sendmail debug vulnerability

9 Questions?

Download ppt "Host and Application Security Lesson 9: Vulnerabilities, part 1."

Similar presentations

Communications of the ACM (CACM), Vol. 32, No. 6, June 1989

Communications of the ACM (CACM), Vol. 32, No. 6, June 1989
The Hacker Mindset CSE 591 – Security and Vulnerability Analysis Spring 2015 Adam Doupé Arizona State University

The Hacker Mindset CSE 591 – Security and Vulnerability Analysis Spring 2015 Adam Doupé Arizona State University
INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)

INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)
1 Steve Chenoweth Friday, 10/21/11 Week 7, Day 4 Right – Good or bad policy? – Asking the user what to do next! From malware.net/how-to-remove-protection-system-

1 Steve Chenoweth Friday, 10/21/11 Week 7, Day 4 Right – Good or bad policy? – Asking the user what to do next! From malware.net/how-to-remove-protection-system-
Remote Access Network Management Kelly Given Allison Traina.

Remote Access Network Management Kelly Given Allison Traina.
© 2003 School of Computing, University of Leeds SY32 Secure Computing, Lecture 15 Implementation Flaws Part 3: Randomness and Timing Issues.

© 2003 School of Computing, University of Leeds SY32 Secure Computing, Lecture 15 Implementation Flaws Part 3: Randomness and Timing Issues.
Embedded Network Controller with Web Interface Bradley University Department of Electrical & Computer Engineering By: Ed Siok Advisor: Dr. Malinowski.

Embedded Network Controller with Web Interface Bradley University Department of Electrical & Computer Engineering By: Ed Siok Advisor: Dr. Malinowski.
Building Secure Software Chapter 9 Race Conditions.

Building Secure Software Chapter 9 Race Conditions.
How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.

How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.
1 Security and Software Engineering Steven M. Bellovin AT&T Labs – Research

1 Security and Software Engineering Steven M. Bellovin AT&T Labs – Research
In a not gate, if the input is on(1) the output is off (0) and vice versa.

In a not gate, if the input is on(1) the output is off (0) and vice versa.
SilkPerformer 2009 SilkPerformer.NET Explorer Samples.

SilkPerformer 2009 SilkPerformer.NET Explorer Samples.
Web Application Vulnerabilities Checklist. EC-Council Parameter Checklist  URL request  URL encoding  Query string  Header  Cookie  Form field 

Web Application Vulnerabilities Checklist. EC-Council Parameter Checklist  URL request  URL encoding  Query string  Header  Cookie  Form field 
Web Security Demystified Justin C. Klein Keane Sr. InfoSec Specialist University of Pennsylvania School of Arts and Sciences Information Security and Unix.

Web Security Demystified Justin C. Klein Keane Sr. InfoSec Specialist University of Pennsylvania School of Arts and Sciences Information Security and Unix.
Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.

Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.
Software Security CS461/ECE422 Spring 2012. Reading Material Chapter 12 of the text.

Software Security CS461/ECE422 Spring Reading Material Chapter 12 of the text.
Lesson 15 Client Side Vulnerabilities and you. Active Server Pages MS’s answer to the scripting world of PERL and CGI on Unix Usually Written In Visual.

Lesson 15 Client Side Vulnerabilities and you. Active Server Pages MS’s answer to the scripting world of PERL and CGI on Unix Usually Written In Visual.
IST 210 Web Application Security. IST 210 Introduction Security is a process of authenticating users and controlling what a user can see or do.

IST 210 Web Application Security. IST 210 Introduction Security is a process of authenticating users and controlling what a user can see or do.
CMSC 414 Computer (and Network) Security Lecture 14 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 14 Jonathan Katz.
Security Testing Case Study 360logica Software Testing Services.

Security Testing Case Study 360logica Software Testing Services.

Similar presentations

Ads by Google