SB 23: Software Vulnerabilities Flashcards

1
Q

What is the PA model?

A

A model for analyzing systems for security holes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What can happen if privileges aren’t set properly?

A

Insufficient privileges could cause a DoS attack whilst excessive ones can enable attackers to exploit vulnerabilities.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Why is it critical to verify the integrity of the access control file?

A

Because it controls the access to role accounts and you want to make sure the file has not been tampered with.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Why is it important to protect memory against unauthorized/unexpected alteration?

A

Because if two subjects can alter the contents of memory then one could change data on which the 2nd relies. Each process should therefore have a protected unshared memory space. Only trusted processes should be able to access it

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is buffer overflow?

A

Involves altering of data or injecting of instructions to be executed later.

A program writes data to a buffer beyond the buffer’s allocated memory, overwriting adjacent memory locations.

By sending in data designed to cause a buffer overflow, it is possible to write into areas known to hold executable code and replace it with malicious code, or to selectively overwrite data pertaining to the program’s state, therefore causing behavior that was not intended by the original programmer.

Morris Worm used buffer overflow as one of its attack techniques.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is the risk of not properly de-allocating or deleting data?

A

Dumps of memory, which can happen if an error in the program occurs, can contain information it shouldn’t. Failure to release sensitive resources can also allow unprivileged sub-processes unwanted access

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Name 5 techniques for validating conditions in programs and briefly describe each technique. What security problems can arise due to failing to perform validation?

A
  1. Bounds checking
    Risks: buffer overflow
  2. Type checking
    Risks: injection attacks
  3. Error checking
    Risks: unhandled exceptions. Potentially revealing sensitive information or allowing attackers to exploit these errors
  4. Valid data check
    Risks: injection attacks, data manipulation
  5. Checking input
    Risks: injection attacks
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Un-validated input

A

Failure to check input. Can lead to attackers sending commands via input that they can use to later exploit a system.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

SQL Injection

A

A malicious SQL statement is inserted into an entry field for execution. Must exploit a vulnerability. i.e user input that is not properly filtered is not strongly typed.

Can be used to spoof identities, tamper with data, cause repudiation issues, etc.

Mitigate: pattern matching, software testing, grammar analysis. Or otherwise checking and validating the input.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Why is it important to be aware of program dependencies?

A

If the dependencies stop functioning correctly then the program will not function correctly either. It is important to frequently check for errors and be aware of which components cannot be checked for errors.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly