1. Brute Force Attacks
2. Insufficient Authentication
3. Insufficient Authorisation
4. Weak Password Recovery Validation
5. Credential/Session Prediction
6. Insufficient Session Expiration
7. Session Fixation
8. Content Spoofing / Cross-Site Scripting
9. Command Execution / Buffer Overflow / OS Commanding / Format String Attack
10. LDAP Injection / SQL Injection
11. SSI Injection
12. XPath Injection
13. Directory Indexing
14. Information Leakage
15. Path Traversal
16. Predictable Resource Location
17. Abuse of Functionality
18. Denial of Service
19. Insufficient Anti-Automation
20. Insufficient Process Validation
21. NTLM Authentication Connection Sharing
22. Insecure Indexing
23. DOM-based XSS
24. Cross-Site Request Forgery
25. HTTP Response Splitting
26. HTTP Request Smuggling
Monday, November 14, 2005
List of Common Web Application Problems
Posted by Martin M at 2:08 PM