Vulnerability Examples

SQL Injection

One of the most common (and easiest to avoid) mistakes made by novice programmers is writing code that allows SQL injection.  This occurs when server-side code inserts user-submitted data directly into the text of an SQL statement that it sends to a database:

"SELECT * FROM table WHERE value = $value"

Consider what would happen if the $value variable contained:

"NULL; DROP DATABASE database"

Buffer Overruns

Traditionally, buffer overruns constitute the majority of security problems in code.  This can affect any language that doesn't check array bounds at runtime (C or C++ for example).  Consider the following code:

strcpy (buffer, user_string);

If the user can provide an arbitrary length string in the variable user_string, then an attacker could manipulate memory outside the bounds of the buffer array.

Here is an example of bad code which could easily be exploited:

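#include <stdio.h>

int verify_user () {
    char name [10];
    int loggedin = 0;

    /* "%s" has no length limit: input longer than 9 characters writes past name[] */
    scanf ("%s", name);
    /* .... */
    return loggedin;
}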
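An added example, not code from the original page: a bounded replacement for the scanf call in verify_user that rejects over-long input and fails closed instead of writing past name[]. The names read_line_bounded, verify_user_from and verify_user_string, and the comparison against "alice" standing in for the elided check, are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#define NAME_LEN 10                  /* same size as the page's name[10] */

/* Read one line into buf[size]. Returns 0 if the whole line fit,
 * -1 on EOF/error or if the line was longer than size-1 characters. */
int read_line_bounded(FILE *in, char *buf, size_t size) {
    if (size == 0 || fgets(buf, (int)size, in) == NULL)
        return -1;
    size_t len = strcspn(buf, "\n");
    if (buf[len] == '\n') {          /* newline seen: the line fit */
        buf[len] = '\0';
        return 0;
    }
    int c = fgetc(in);               /* what follows the part we stored? */
    if (c == EOF || c == '\n')
        return 0;                    /* line ended exactly here: it fit */
    while (c != EOF && c != '\n')    /* too long: discard the remainder */
        c = fgetc(in);
    buf[0] = '\0';
    return -1;
}

/* Hardened counterpart of verify_user(): never writes past name[]. */
int verify_user_from(FILE *in) {
    char name[NAME_LEN];
    int loggedin = 0;
    if (read_line_bounded(in, name, sizeof name) != 0)
        return 0;                    /* fail closed on missing or oversized input */
    if (strcmp(name, "alice") == 0)  /* constructed stand-in for the elided check */
        loggedin = 1;
    return loggedin;
}

/* Helper for feeding constructed input without typing on stdin. */
int verify_user_string(const char *input) {
    FILE *f = tmpfile();
    if (f == NULL)
        return -1;
    fputs(input, f);
    rewind(f);
    int result = verify_user_from(f);
    fclose(f);
    return result;
}

int main(void) {
    return verify_user_from(stdin) ? 0 : 1;   /* exit status 0 only when logged in */
}
```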
