IT Security & Network Security News & Reviews: Whodunit? Finding Security Vulnerabilities in Application Code

File/Path Manipulation

This occurs when the software allows user input to control or influence paths that are used in filesystem operations. This vulnerability could permit an attacker to access or change system files and other files critical to the application.

The Answer

The code is vulnerable to file/path manipulation because of insufficient input validation (cwe 20) on the fn parameter, which leads to arbitrary file retrieval.

Hands Off the Database

SQL injection is one of the most popular vectors of attack. When executed, the SQL statement fetches a different set of results from the database than the application would have originally requested. The attacker gains unauthorized access to or manipulates the data residing in the database on the server.

The Answer

The code is vulnerable to SQL injection because it creates an ad-hoc query using the employeeID parameter, which is untrusted.

Solving Cross-site Scripting

Cross-site scripting (XSS) remains one of the most common vulnerabilities affecting Web applications. If successful, an exploit could allow hackers to bypass access controls such as same origin policy.

The Answer

In this case, moving the <title> to after the <meta> tag prevents XSS attacks that trick the browser into using UTF-7 to decode the payload when the page should be actually rendered as UTF-8.

Recent Slideshows

• iPad 3: 10 Design Ideas Apple Should Borrow
  View Slideshow >

• 10 Hot Tech Products Sure to Fire Up the Market in 2012
  View Slideshow >

• iOS, Android App Economy Fuel 500K U.S. Jobs: TechNet
  View Slideshow >

• Microsoft's Windows 8 Minimized Ribbon, Sensors Among New Feature[..]
  View Slideshow >

• NoSQL Database: 5 Ways to Make It Enterprise-Ready
  View Slideshow >

• Facebook IPO: 10 Facts You Didn't Know Before the SEC Filing
  View Slideshow >