Misconfigured security features or Incorrect use of security
Session cookie is not randomized enough Numerous applications use a session cookie to maintain the state of a logged-in user. The use of authentication to validate the user that has
If you are going to hack a phone system, do you really want to hack the Department of Homeland Security? That’s what happened this weekend when someone made hundreds of
Buffer Overflow Overview Buffer overflows are the classic security vulnerability: they have been around since the beginning of programming, and are still occurring everywhere today. Buffer overflows are very prevalent
Directory Traversal Overview Directory Traversal vulnerabilities occur once again when the user-supplied input is not validated. You would think we would get tired of saying this, but it appears this
Are you Vulnerable? If you don’t have the luxury of building secure software from the start, and your business uses off-the-shelf software to get your work done, you
Error Messages Overview Think about these questions. * Why are Error Conditions and Error Messages a security problem? * What’s wrong with error conditions? * Wouldn’t an administrator want the
This will not be very long, nor will I go into excessive amounts of detail into the tools and steps required. The purpose of this paper is simply to help