[Forgot Password]
Login  Register Subscribe

24544

 
 

132176

 
 

121100

 
 

909

 
 

98726

 
 

148

 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

A product can be used as an intermediary or proxy between an attacker and the ultimate target, so that the attacker can either bypass access controls or hide activities.

When malformed or abnormal HTTP requests are interpreted by one or more entities in the data flow between the user and the web server, such as a proxy or firewall, they can be interpreted inconsistently, allowing the attacker to "smuggle" a request to one device without the other device being aware of it.

The software does not properly encode or decode the data, resulting in unexpected values.

The software uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.

The software performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.

The software may use insufficiently random numbers or values in a security context that depends on unpredictable numbers.

The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information.

The software constructs all or part of an LDAP query using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended LDAP query when it is sent to a downstream component.

The software allocates file descriptors or handles on behalf of an actor without imposing any restrictions on how many descriptors can be allocated, in violation of the intended security policy for that actor.

The software can be influenced by an attacker to open more files than are supported by the system.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   90

© SecPod Technologies