
CIA RESEARCH
Top Vulnerabilities
Vulnerabilities Assessment
Cenzic Hailstorm is web application security software for vulnerability
management and security enforcement assessment. It is designed to test
comprehensively for a wide variety of security vulnerabilities, from low-level
HTTP vulnerabilities to complex business-logic issues that can result in severe
vulnerabilities (for example, failures in authentication procedures or in
password strength enforcement). Cenzic advises that, at a very minimum, a
vulnerability assessment of commercial web applications must cover the
following areas.
- SQL Disclosure
- Forceful Browsing Past Authorization Boundary
- Insufficient Password Strength
- Cross-Site Scripting
- Buffer Overflow
- Command Injection
- SQL Parser
- All Forms Submitted via SSL
Source: Cenzic Imperative Assessment Plan White Paper
OWASP Top 10 Security Vulnerabilities
Organizations must conduct vulnerability assessments to ensure protection
against the top security vulnerabilities identified by The Open Web Application
Security Project (OWASP).
| Vulnerability | Description |
|---|---|
| Unvalidated Input | Information from web requests is not validated before being used by a web application. |
| Broken Access Control | Restrictions on what authenticated users are allowed to do are not properly enforced. |
| Broken Authentication and Session Management | Account credentials and session tokens are not properly protected. |
| Cross-site Scripting (XSS) Flaws | The web application can be used as a mechanism to transport an attack to an end user's browser. |
| Buffer Overflows | Web applications pass parameters when they access external systems or the local operating system. If an attacker can embed malicious commands in these parameters, the external system may execute those commands on behalf of the web application. |
| Improper Error Handling | Error conditions that occur during normal operation are not handled properly and could result in giving detailed system information to a hacker, or crash the server. |
| Insecure Storage | Web applications frequently use cryptographic functions to protect information and credentials. If not coded properly, this can result in weak protection. |
| Denial of Service | Attackers can consume web application resources to a point where legitimate users can no longer access or use the application. |
| Insecure Configuration Management | A strong server configuration standard is critical to a secure web application. Servers are not secure out of the box and need to be configured for security. |
Source: OWASP web site.
SANS Top 20
Protect against top security vulnerabilities described
by The Open Web Application Security Project (OWASP).
Top Vulnerabilities to Windows Systems
- W1 Internet Information Services (IIS)
- W2 Microsoft SQL Server (MSSQL)
- W3 Windows Authentication
- W4 Internet Explorer (IE)
- W5 Windows Remote Access Services
- W6 Microsoft Data Access Components (MDAC)
- W7 Windows Scripting Host (WSH)
- W8 Microsoft Outlook and Outlook Express
- W9 Windows Peer to Peer File Sharing (P2P)
- W10 Simple Network Management Protocol (SNMP)
Top Vulnerabilities to UNIX Systems
- U1 BIND Domain Name System
- U2 Remote Procedure Calls (RPC)
- U3 Apache Web Server
- U4 General UNIX Authentication: Accounts with No Passwords or Weak Passwords
- U5 Clear Text Services
- U6 Sendmail
- U7 Simple Network Management Protocol (SNMP)
- U8 Secure Shell (SSH)
- U9 Misconfiguration of Enterprise Services NIS/NFS
- U10 Open Secure Sockets Layer (SSL)
Compliance Resources
Gramm-Leach-Bliley Act
Sarbanes-Oxley
HIPAA
SB 1386