Programmer Errors
The 25 worst mistakes programmers can make.
Improper Input Validation
Improper Encoding or Escaping of Output
Failure to Preserve SQL Query Structure (aka ‘SQL Injection’)
Failure to Preserve Web Page Structure (aka ‘Cross-site Scripting’)
Failure to Preserve OS Command Structure (aka ‘OS Command Injection’)
Cleartext Transmission of Sensitive Information
Cross-Site Request Forgery (CSRF)
Race Condition
Error Message Information Leak
Failure to Constrain Operations within the Bounds of a Memory Buffer
External Control of Critical State Data
External Control of File Name or Path
Untrusted Search Path
Failure to Control Generation of Code (aka ‘Code Injection’)
Download of Code Without Integrity Check
Improper Resource Shutdown or Release
Improper Initialization
Incorrect Calculation
Improper Access Control (Authorization)
Use of a Broken or Risky Cryptographic Algorithm
Hard-Coded Password
Insecure Permission Assignment for Critical Resource
Use of Insufficiently Random Values
Execution with Unnecessary Privileges
Client-Side Enforcement of Server-Side Security
Source: SANS