The art of software security assessment: identifying and preventing software vulnerabilities
Saved in:
Main author: | |
---|---|
Format: | Book |
Language: | English |
Published: | Upper Saddle River, NJ [et al.]: Addison-Wesley, 2007 |
Edition: | 2. print. |
Subjects: | |
Online access: | Table of contents only; Table of contents |
Description: | XXI, 1174 p., ill., diagrams |
ISBN: | 9780321444424 0321444426 |
Internal format
MARC
LEADER | 00000nam a2200000zc 4500 | ||
---|---|---|---|
001 | BV022215836 | ||
003 | DE-604 | ||
005 | 20100624 | ||
007 | t | ||
008 | 070108s2007 xxuad|| |||| 00||| eng d | ||
010 | |a 2006023446 | ||
020 | |a 9780321444424 |9 978-0-321-44442-4 | ||
020 | |a 0321444426 |c pbk. : alk. paper |9 0-321-44442-6 | ||
035 | |a (OCoLC)70836623 | ||
035 | |a (DE-599)BVBBV022215836 | ||
040 | |a DE-604 |b ger |e aacr | ||
041 | 0 | |a eng | |
044 | |a xxu |c US | ||
049 | |a DE-91G |a DE-824 |a DE-92 |a DE-706 |a DE-634 |a DE-20 |a DE-522 |a DE-355 | ||
050 | 0 | |a QA76.9.A25 | |
082 | 0 | |a 005.8 | |
084 | |a ST 230 |0 (DE-625)143617: |2 rvk | ||
084 | |a ST 276 |0 (DE-625)143642: |2 rvk | ||
084 | |a ST 277 |0 (DE-625)143643: |2 rvk | ||
084 | |a DAR 465f |2 stub | ||
100 | 1 | |a Dowd, Mark |e Verfasser |4 aut | |
245 | 1 | 0 | |a The art of software security assessment |b identifying and preventing software vulnerabilities |c Mark Dowd ; John McDonald ; Justin Schuh |
250 | |a 2. print. | ||
264 | 1 | |a Upper Saddle River, NJ [u.a.] |b Addison-Wesley |c 2007 | |
300 | |a XXI, 1174 S. |b Ill., graph. Darst. | ||
336 | |b txt |2 rdacontent | ||
337 | |b n |2 rdamedia | ||
338 | |b nc |2 rdacarrier | ||
650 | 4 | |a Logiciels - Vérification | |
650 | 4 | |a Réseaux d'ordinateurs - Sécurité - Mesures | |
650 | 4 | |a Sécurité informatique | |
650 | 4 | |a Computer security | |
650 | 4 | |a Computer software |x Development | |
650 | 4 | |a Computer networks |x Security measures | |
650 | 0 | 7 | |a Softwareentwicklung |0 (DE-588)4116522-6 |2 gnd |9 rswk-swf |
650 | 0 | 7 | |a Softwareschwachstelle |0 (DE-588)4752508-3 |2 gnd |9 rswk-swf |
650 | 0 | 7 | |a Computersicherheit |0 (DE-588)4274324-2 |2 gnd |9 rswk-swf |
689 | 0 | 0 | |a Softwareschwachstelle |0 (DE-588)4752508-3 |D s |
689 | 0 | 1 | |a Softwareentwicklung |0 (DE-588)4116522-6 |D s |
689 | 0 | |5 DE-604 | |
689 | 1 | 0 | |a Computersicherheit |0 (DE-588)4274324-2 |D s |
689 | 1 | |8 1\p |5 DE-604 | |
700 | 1 | |a McDonald, John |d 1977- |e Sonstige |0 (DE-588)13840030X |4 oth | |
700 | 1 | |a Schuh, Justin |e Sonstige |4 oth | |
856 | 4 | |u http://www.loc.gov/catdir/toc/ecip0618/2006023446.html |3 Table of contents only | |
856 | 4 | 2 | |m DNB Datenaustausch |q application/pdf |u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=015427129&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |3 Inhaltsverzeichnis |
999 | |a oai:aleph.bib-bvb.de:BVB01-015427129 | ||
883 | 1 | |8 1\p |a cgwrk |d 20201028 |q DE-101 |u https://d-nb.info/provenance/plan#cgwrk |
Record in the search index
_version_ | 1804136197127143424 |
---|---|
adam_text |
THE ART OF SOFTWARE SECURITY ASSESSMENT: IDENTIFYING AND PREVENTING SOFTWARE VULNERABILITIES
Mark Dowd, John McDonald, Justin Schuh
Addison-Wesley: Upper Saddle River, NJ * Boston * Indianapolis * San Francisco * New York * Toronto * Montreal * London * Munich * Paris * Madrid * Cape Town * Sydney * Tokyo * Singapore * Mexico City

TABLE OF CONTENTS
About the Authors xv
Preface xvii
Acknowledgments xxi

Part I: Introduction to Software Security Assessment 1

1 Software Vulnerability Fundamentals 3
  Introduction 3
  Vulnerabilities 4
  Security Policies 5
  Security Expectations 7
  The Necessity of Auditing 9
  Auditing Versus Black Box Testing 11
  Code Auditing and the Development Life Cycle 13
  Classifying Vulnerabilities 14
  Design Vulnerabilities 14
  Implementation Vulnerabilities 15
  Operational Vulnerabilities 16
  Gray Areas 17
  Common Threads 18
  Input and Data Flow 18
  Trust Relationships 19
  Assumptions and Misplaced Trust 20
  Interfaces 21
  Environmental Attacks 21
  Exceptional Conditions 22
  Summary 23

2 Design Review 25
  Introduction 25
  Software Design Fundamentals 26
  Algorithms 26
  Abstraction and Decomposition 27
  Trust Relationships 28
  Principles of Software Design 31
  Fundamental Design Flaws 33
  Enforcing Security Policy 36
  Authentication 36
  Authorization 38
  Accountability 40
  Confidentiality 41
  Integrity 45
  Availability 48
  Threat Modeling 49
  Information Collection 50
  Application Architecture Modeling 53
  Threat Identification 59
  Documentation of Findings 62
  Prioritizing the Implementation Review 65
  Summary 66

3 Operational Review 67
  Introduction 67
  Exposure 68
  Attack Surface 68
  Insecure Defaults 69
  Access Control 69
  Unnecessary Services 70
  Secure Channels 71
  Spoofing and Identification 72
  Network Profiles 73
  Web-Specific Considerations 73
  HTTP Request Methods 73
  Directory Indexing 74
  File Handlers 74
  Authentication 75
  Default Site Installations 75
  Overly Verbose Error Messages 75
  Public-Facing Administrative Interfaces 76
  Protective Measures 76
  Development Measures 76
  Host-Based Measures 79
  Network-Based Measures 83
  Summary 89

4 Application Review Process 91
  Introduction 91
  Overview of the Application Review Process 92
  Rationale 92
  Process Outline 93
  Preassessment 93
  Scoping 94
  Application Access 95
  Information Collection 96
  Application Review 97
  Avoid Drowning 98
  Iterative Process 98
  Initial Preparation 99
  Plan 101
  Work 103
  Reflect 105
  Documentation and Analysis 106
  Reporting and Remediation Support 108
  Code Navigation 109
  External Flow Sensitivity 109
  Tracing Direction 111
  Code-Auditing Strategies 111
  Code Comprehension Strategies 113
  Candidate Point Strategies 119
  Design Generalization Strategies 128
  Code-Auditing Techniques 133
  Internal Flow Analysis 133
  Subsystem and Dependency Analysis 135
  Rereading Code 136
  Desk-Checking 137
  Test Cases 139
  Code Auditor's Toolbox 147
  Source Code Navigators 148
  Debuggers 151
  Binary Navigation Tools 155
  Fuzz-Testing Tools 157
  Case Study: OpenSSH 158
  Preassessment 159
  Implementation Analysis 161
  High-Level Attack Vectors 162
  Documentation of Findings 164
  Summary 164

Part II: Software Vulnerabilities

5 Memory Corruption 167
  Introduction 167
  Buffer Overflows 168
  Process Memory Layout 169
  Stack Overflows 169
  Off-by-One Errors 180
  Heap Overflows 183
  Global and Static Data Overflows 186
  Shellcode 187
  Writing the Code 187
  Finding Your Code in Memory 188
  Protection Mechanisms 189
  Stack Cookies 190
  Heap Implementation Hardening 191
  Nonexecutable Stack and Heap Protection 193
  Address Space Layout Randomization 194
  SafeSEH 194
  Function Pointer Obfuscation 195
  Assessing Memory Corruption Impact 196
  Where Is the Buffer Located in Memory? 197
  What Other Data Is Overwritten? 197
  How Many Bytes Can Be Overwritten? 198
  What Data Can Be Used to Corrupt Memory? 199
  Are Memory Blocks Shared? 201
  What Protections Are in Place? 202
  Summary 202

6 C Language Issues 203
  Introduction 203
  C Language Background 204
  Data Storage Overview 204
  Binary Encoding 207
  Byte Order 209
  Common Implementations 209
  Arithmetic Boundary Conditions 211
  Unsigned Integer Boundaries 213
  Signed Integer Boundaries 220
  Type Conversions 223
  Overview 224
  Conversion Rules 225
  Simple Conversions 231
  Integer Promotions 233
  Integer Promotion Applications 235
  Usual Arithmetic Conversions 238
  Usual Arithmetic Conversion Applications 242
  Type Conversion Summary 244
  Type Conversion Vulnerabilities 246
  Signed/Unsigned Conversions 246
  Sign Extension 248
  Truncation 259
  Comparisons 265
  Operators 271
  The sizeof Operator 271
  Unexpected Results 272
  Pointer Arithmetic 277
  Pointer Overview 277
  Pointer Arithmetic Overview 278
  Vulnerabilities 280
  Other C Nuances 282
  Order of Evaluation 282
  Structure Padding 284
  Precedence 287
  Macros/Preprocessor 288
  Typos 289
  Summary 296

7 Program Building Blocks 297
  Introduction 297
  Auditing Variable Use 298
  Variable Relationships 298
  Structure and Object Mismanagement 307
  Variable Initialization 312
  Arithmetic Boundaries 316
  Type Confusion 319
  Lists and Tables 321
  Auditing Control Flow 326
  Looping Constructs 327
  Flow Transfer Statements 336
  Switch Statements 337
  Auditing Functions 339
  Function Audit Logs 339
  Return Value Testing and Interpretation 340
  Function Side-Effects 351
  Argument Meaning 360
  Auditing Memory Management 362
  ACC Logs 362
  Allocation Functions 369
  Allocator Scorecards and Error Domains 377
  Double-Frees 379
  Summary 385

8 Strings and Metacharacters 387
  Introduction 387
  C String Handling 388
  Unbounded String Functions 388
  Bounded String Functions 393
  Common Issues 400
  Metacharacters 407
  Embedded Delimiters 408
  NUL Character Injection 411
  Truncation 414
  Common Metacharacter Formats 418
  Path Metacharacters 418
  C Format Strings 422
  Shell Metacharacters 425
  Perl open() 429
  SQL Queries 431
  Metacharacter Filtering 434
  Eliminating Metacharacters 434
  Escaping Metacharacters 439
  Metacharacter Evasion 441
  Character Sets and Unicode 446
  Unicode 446
  Windows Unicode Functions 450
  Summary 457

9 UNIX I: Privileges and Files 459
  Introduction 459
  UNIX 101 460
  Users and Groups 461
  Files and Directories 462
  Processes 464
  Privilege Model 464
  Privileged Programs 466
  User ID Functions 468
  Group ID Functions 475
  Privilege Vulnerabilities 477
  Reckless Use of Privileges 477
  Dropping Privileges Permanently 479
  Dropping Privileges Temporarily 486
  Auditing Privilege-Management Code 488
  Privilege Extensions 491
  File Security 494
  File IDs 494
  File Permissions 495
  Directory Permissions 498
  Privilege Management with File Operations 499
  File Creation 500
  Directory Safety 503
  Filenames and Paths 503
  Dangerous Places 507
  Interesting Files 508
  File Internals 512
  File Descriptors 512
  Inodes 513
  Directories 514
  Links 515
  Symbolic Links 515
  Hard Links 522
  Race Conditions 526
  TOCTOU 527
  The stat() Family of Functions 528
  File Race Redux 532
  Permission Races 533
  Ownership Races 534
  Directory Races 535
  Temporary Files 538
  Unique File Creation 538
  File Reuse 544
  Temporary Directory Cleaners 546
  The stdio File Interface 547
  Opening a File 548
  Reading from a File 550
  Writing to a File 555
  Closing a File 556
  Summary 557

10 UNIX II: Processes 559
  Introduction 559
  Processes 560
  Process Creation 560
  fork() Variants 562
  Process Termination 562
  fork() and Open Files 563
  Program Invocation 565
  Direct Invocation 565
  Indirect Invocation 570
  Process Attributes 572
  Process Attribute Retention 573
  Resource Limits 574
  File Descriptors 580
  Environment Arrays 591
  Process Groups, Sessions, and Terminals 609
  Interprocess Communication 611
  Pipes 612
  Named Pipes 612
  System V IPC 614
  UNIX Domain Sockets 615
  Remote Procedure Calls 618
  RPC Definition Files 619
  RPC Decoding Routines 622
  Authentication 623
  Summary 624

11 Windows I: Objects and the File System 625
  Introduction 625
  Background 626
  Objects 627
  Object Namespaces 629
  Object Handles 632
  Sessions 636
  Security IDs 637
  Logon Rights 638
  Access Tokens 639
  Security Descriptors 647
  Access Masks 648
  ACL Inheritance 649
  Security Descriptors Programming Interfaces 649
  Auditing ACL Permissions 652
  Processes and Threads 654
  Process Loading 654
  ShellExecute and ShellExecuteEx 655
  DLL Loading 656
  Services 658
  File Access 659
  File Permissions 659
  The File I/O API 661
  Links 676
  The Registry 680
  Key Permissions 681
  Key and Value Squatting 682
  Summary 684

12 Windows II: Interprocess Communication 685
  Introduction 685
  Windows IPC Security 686
  The Redirector 686
  Impersonation 688
  Window Messaging 689
  Window Stations Object 690
  The Desktop Object 690
  Window Messages 691
  Shatter Attacks 694
  DDE 697
  Terminal Sessions 697
  Pipes 698
  Pipe Permissions 698
  Named Pipes 699
  Pipe Creation 699
  Impersonation in Pipes 700
  Pipe Squatting 703
  Mailslots 705
  Mailslot Permissions 705
  Mailslot Squatting 706
  Remote Procedure Calls 706
  RPC Connections 706
  RPC Transports 707
  Microsoft Interface Definition Language 708
  IDL File Structure 708
  Application Configuration Files 710
  RPC Servers 711
  Impersonation in RPC 716
  Context Handles and State 718
  Threading in RPC 721
  Auditing RPC Applications 722
  COM 725
  COM: A Quick Primer 725
  DCOM Configuration Utility 731
  DCOM Application Identity 732
  DCOM Subsystem Access Permissions 733
  DCOM Access Controls 734
  Impersonation in DCOM 736
  MIDL Revisited 738
  Active Template Library 740
  Auditing DCOM Applications 741
  ActiveX Security 749
  Summary 754

13 Synchronization and State 755
  Introduction 755
  Synchronization Problems 756
  Reentrancy and Asynchronous-Safe Code 757
  Race Conditions 759
  Starvation and Deadlocks 760
  Process Synchronization 762
  System V Process Synchronization 762
  Windows Process Synchronization 765
  Vulnerabilities with Interprocess Synchronization 770
  Signals 783
  Sending Signals 786
  Handling Signals 786
  Jump Locations 788
  Signal Vulnerabilities 791
  Signals Scoreboard 809
  Threads 810
  PThreads API 811
  Windows API 813
  Threading Vulnerabilities 815
  Summary 825

Part III: Software Vulnerabilities in Practice

14 Network Protocols 829
  Introduction 829
  Internet Protocol 831
  IP Addressing Primer 832
  IP Packet Structures 834
  Basic IP Header Validation 836
  IP Options Processing 844
  Source Routing 851
  Fragmentation 853
  User Datagram Protocol 863
  Basic UDP Header Validation 864
  UDP Issues 864
  Transmission Control Protocol 864
  Basic TCP Header Validation 866
  TCP Options Processing 867
  TCP Connections 869
  TCP Streams 872
  TCP Processing 880
  Summary 890

15 Firewalls 891
  Introduction 891
  Overview of Firewalls 892
  Proxy Versus Packet Filters 893
  Attack Surface 895
  Proxy Firewalls 895
  Packet-Filtering Firewalls 896
  Stateless Firewalls 896
  TCP 896
  UDP 899
  FTP 901
  Fragmentation 902
  Simple Stateful Firewalls 905
  TCP 905
  UDP 906
  Directionality 906
  Fragmentation 907
  Stateful Inspection Firewalls 909
  Layering Issues 911
  Spoofing Attacks 914
  Spoofing from a Distance 914
  Spoofing Up Close 917
  Spooky Action at a Distance 919
  Summary 920

16 Network Application Protocols 921
  Introduction 921
  Auditing Application Protocols 922
  Collect Documentation 922
  Identify Elements of Unknown Protocols 923
  Match Data Types with the Protocol 927
  Data Verification 935
  Access to System Resources 935
  Hypertext Transfer Protocol 937
  Header Parsing 937
  Accessing Resources 940
  Utility Functions 941
  Posting Data 942
  Internet Security Association and Key Management Protocol 948
  Payloads 952
  Payload Types 956
  Encryption Vulnerabilities 971
  Abstract Syntax Notation (ASN.1) 972
  Basic Encoding Rules 975
  Canonical Encoding and Distinguished Encoding 976
  Vulnerabilities in BER, CER, and DER Implementations 977
  Packed Encoding Rules (PER) 979
  XML Encoding Rules 983
  XER Vulnerabilities 984
  Domain Name System 984
  Domain Names and Resource Records 984
  Name Servers and Resolvers 986
  Zones 987
  Resource Record Conventions 988
  Basic Use Case 989
  DNS Protocol Structure Primer 990
  DNS Names 993
  Length Variables 996
  DNS Spoofing 1002
  Summary 1005

17 Web Applications 1007
  Introduction 1007
  Web Technology Overview 1008
  The Basics 1009
  Static Content 1009
  CGI 1009
  Web Server APIs 1010
  Server-Side Includes 1011
  Server-Side Transformation 1012
  Server-Side Scripting 1013
  HTTP 1014
  Overview 1014
  Versions 1017
  Headers 1018
  Methods 1020
  Parameters and Forms 1022
  State and HTTP Authentication 1027
  Overview 1028
  Client IP Addresses 1029
  Referer Request Header 1030
  Embedding State in HTML and URLs 1032
  HTTP Authentication 1033
  Cookies 1036
  Sessions 1038
  Architecture 1040
  Redundancy 1040
  Presentation Logic 1040
  Business Logic 1041
  N-Tier Architectures 1041
  Business Tier 1043
  Web Tier: Model-View-Controller 1044
  Problem Areas 1046
  Client Visibility 1046
  Client Control 1047
  Page Flow 1048
  Sessions 1049
  Authentication 1056
  Authorization and Access Control 1057
  Encryption and SSL/TLS 1058
  Phishing and Impersonation 1059
  Common Vulnerabilities 1060
  SQL Injection 1061
  OS and File System Interaction 1066
  XML Injection 1069
  XPath Injection 1070
  Cross-Site Scripting 1071
  Threading Issues 1074
  C/C++ Problems 1075
  Harsh Realities of the Web 1075
  Auditing Strategy 1078
  Summary 1081

18 Web Technologies 1083
  Introduction 1083
  Web Services and Service-Oriented Architecture 1084
  SOAP 1085
  REST 1085
  AJAX 1085
  Web Application Platforms 1086
  CGI 1086
  Indexed Queries 1086
  Environment Variables 1087
  Path Confusion 1091
  Perl 1093
  SQL Injection 1093
  File Access 1094
  Shell Invocation 1095
  File Inclusion 1095
  Inline Evaluation 1095
  Cross-Site Scripting 1096
  Taint Mode 1096
  PHP 1096
  SQL Injection 1097
  File Access 1098
  Shell Invocation 1099
  File Inclusion 1101
  Inline Evaluation 1101
  Cross-Site Scripting 1103
  Configuration 1104
  Java 1105
  SQL Injection 1106
  File Access 1107
  Shell Invocation 1108
  File Inclusion 1108
  JSP File Inclusion 1109
  Inline Evaluation 1110
  Cross-Site Scripting 1110
  Threading Issues 1111
  Configuration 1112
  ASP 1113
  SQL Injection 1113
  File Access 1115
  Shell Invocation 1115
  File Inclusion 1116
  Inline Evaluation 1117
  Cross-Site Scripting 1118
  Configuration 1118
  ASP.NET 1118
  SQL Injection 1118
  File Access 1119
  Shell Invocation 1120
  File Inclusion 1120
  Inline Evaluation 1121
  Cross-Site Scripting 1121
  Configuration 1121
  ViewState 1121
  Summary 1123

Bibliography 1125
Index 1129
|