[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249982

 
 

909

 
 

195748

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

Allowing a .NET application to run at potentially escalated levels of access to the underlying operating and file systems can be dangerous and result in various forms of attacks.

The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts.

This weakness occurs when the application transmits or stores authentication credentials and uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

Login pages not using adequate measures to protect the user name and password while they are in transit from the client to the server.

The application uses a cache to maintain a pool of objects, threads, connections, pages, or passwords to minimize the time it takes to access them or the resources to which they connect. If implemented improperly, these caches can allow access to unauthorized information or cause a denial of service vulnerability.

For each web page, the application should have an appropriate caching policy specifying the extent to which the page and its form fields should be cached.

Environmental variables may contain sensitive information about a remote server.

The product stores a CVS repository in a directory or other container that is accessible to actors outside of the intended control sphere.

The product generates a core dump file in a directory that is accessible to actors outside of the intended control sphere.

The product stores access control list files in a directory or other container that is accessible to actors outside of the intended control sphere.


Pages:      Start    38    39    40    41    42    43    44    45    46    47    48    49    50    51    ..   90

© SecPod Technologies