24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them

Book description

"What makes this book so important is that it reflects the experiences of two of the industry's most experienced hands at getting real-world engineers to understand just what they're being asked for when they're asked to write secure code. The book reflects Michael Howard's and David LeBlanc's experience in the trenches working with developers years after code was long since shipped, informing them of problems." --From the Foreword by Dan Kaminsky, Director of Penetration Testing, IOActive

Eradicate the Most Notorious Insecure Designs and Coding Vulnerabilities

Fully updated to cover the latest security issues, 24 Deadly Sins of Software Security reveals the most common design and coding errors and explains how to fix each one, or better yet, avoid them from the start. Michael Howard and David LeBlanc, who teach Microsoft employees and the world how to secure code, have partnered again with John Viega, who uncovered the original 19 deadly programming sins. They have completely revised the book to address the most recent vulnerabilities and have added five brand-new sins. This practical guide covers all platforms, languages, and types of applications. Eliminate these security flaws from your code:

  • SQL injection
  • Web server- and client-related vulnerabilities
  • Use of magic URLs, predictable cookies, and hidden form fields
  • Buffer overruns
  • Format string problems
  • Integer overflows
  • C++ catastrophes
  • Insecure exception handling
  • Command injection
  • Failure to handle errors
  • Information leakage
  • Race conditions
  • Poor usability
  • Not updating easily
  • Executing code with too much privilege
  • Failure to protect stored data
  • Insecure mobile code
  • Use of weak password-based systems
  • Weak random numbers
  • Using cryptography incorrectly
  • Failing to protect network traffic
  • Improper use of PKI
  • Trusting network name resolution

Table of contents

  1. Cover Page
  2. 24 Deadly Sins Of Software Security
  3. Copyright Page
  4. Contents
  5. Foreword
  6. Acknowledgments
  7. Introduction
  8. Part I Web Application Sins
    1. 1 SQL Injection
      1. Overview of the Sin
      2. CWE References
      3. Affected Languages
      4. The Sin Explained
        1. A Note about Linq
        2. Sinful C#
        3. Sinful PHP
        4. Sinful Perl/CGI
        5. Sinful Python
        6. Sinful Ruby on Rails
        7. Sinful Java and JDBC
        8. Sinful C/C++
        9. Sinful SQL
        10. Related Sins
      5. Spotting the Sin Pattern
      6. Spotting the Sin During Code Review
      7. Testing Techniques to Find the Sin
      8. Example Sins
        1. CVE-2006-4953
        2. CVE-2006-4592
      9. Redemption Steps
        1. Validate All Input
        2. Use Prepared Statements to Build SQL Statements
        3. C# Redemption
        4. PHP 5.0 and MySQL 4.1 or Later Redemption
        5. Perl/CGI Redemption
        6. Python Redemption
        7. Ruby on Rails Redemption
        8. Java Using JDBC Redemption
        9. ColdFusion Redemption
        10. SQL Redemption
      10. Extra Defensive Measures
        1. Encrypt Sensitive, PII, or Confidential Data
        2. Use URLScan
      11. Other Resources
      12. Summary
    2. 2 Web Server–Related Vulnerabilities (XSS, XSRF, and Response Splitting)
      1. Overview of the Sin
      2. CWE References
      3. Affected Languages
      4. The Sin Explained
        1. DOM-Based XSS or Type 0
        2. Reflected XSS, Nonpersistent XSS, or Type 1
        3. Stored XSS, Persistent XSS, or Type 2
        4. HTTP Response Splitting
        5. Cross-Site Request Forgery
        6. Sinful Ruby on Rails (XSS)
        7. Sinful Ruby on Rails (Response Splitting)
        8. Sinful CGI Application in Python (XSS)
        9. Sinful CGI Application in Python (Response Splitting)
        10. Sinful ColdFusion (XSS)
        11. Sinful ColdFusion (XSS)
        12. Sinful C/C++ ISAPI (XSS)
        13. Sinful C/C++ ISAPI (Response Splitting)
        14. Sinful ASP (XSS)
        15. Sinful ASP (Response Splitting)
        16. Sinful ASP.NET Forms (XSS)
        17. Sinful ASP.NET (Response Splitting)
        18. Sinful JSP (XSS)
        19. Sinful JSP (Response Splitting)
        20. Sinful PHP (XSS)
        21. Sinful PHP (Response Splitting)
        22. Sinful CGI Using Perl (XSS)
        23. Sinful mod_perl (XSS)
        24. Sinful mod_perl (Response Splitting)
        25. Sinful HTTP Requests (XSRF)
      5. Spotting the Sin Pattern
      6. Spotting the XSS Sin During Code Review
        1. Spotting the XSRF Sin During Code Review
      7. Testing Techniques to Find the Sin
      8. Example Sins
        1. CVE-2003-0712 Microsoft Exchange 5.5 Outlook Web Access XSS
        2. CVE-2004-0203 Microsoft Exchange 5.5 Outlook Web Access Response Splitting
        3. CVE-2005-1674 Help Center Live (XSS and XSRF)
      9. Redemption Steps (XSS and Response Splitting)
        1. Ruby on Rails Redemption (XSS)
        2. ISAPI C/C++ Redemption (XSS)
        3. Python Redemption (XSS)
        4. ASP Redemption (XSS)
        5. ASP.NET Web Forms Redemption (XSS)
        6. ASP.NET Web Forms Redemption (RS)
        7. JSP Redemption (XSS)
        8. PHP Redemption (XSS)
        9. CGI Redemption (XSS)
        10. mod_perl Redemption (XSS)
      10. Redemption Steps (XSRF)
        1. A Note about Timeouts
        2. A Note about XSRF and POST vs. GET
        3. Ruby on Rails Redemption (XSRF)
        4. ASP.NET Web Forms Redemption (XSRF)
        5. Non-Draconian Use of HTML Encode
      11. Extra Defensive Measures
        1. Use HttpOnly Cookies
        2. Wrap Tag Properties with Double Quotes
        3. Consider Using ASP.NET ViewStateUserKey
        4. Consider Using ASP.NET ValidateRequest
        5. Use the ASP.NET Security Runtime Engine Security
        6. Consider Using OWASP CSRFGuard
        7. Use Apache::TaintRequest
        8. Use UrlScan
        9. Set a Default Character Set
      12. Other Resources
      13. Summary
    3. 3 Web Client–Related Vulnerabilities (XSS)
      1. Overview of the Sin
      2. CWE References
      3. Affected Languages
      4. The Sin Explained
        1. Privacy Implications of Sinful Gadgets
        2. Sinful JavaScript and HTML
      5. Spotting the Sin Pattern
      6. Spotting the Sin During Code Review
      7. Testing Techniques to Find the Sin
      8. Example Sins
        1. Microsoft ISA Server XSS CVE-2003-0526
        2. Windows Vista Sidebar CVE-2007-3033 and CVE-2007-3032
        3. Yahoo! Instant Messenger ActiveX Control CVE-2007-4515
      9. Redemption Steps
        1. Don’t Trust Input
        2. Replace Insecure Constructs with More Secure Constructs
      10. Extra Defensive Measures
      11. Other Resources
      12. Summary
    4. 4 Use of Magic URLs, Predictable Cookies, and Hidden Form Fields
      1. Overview of the Sin
      2. CWE References
      3. Affected Languages
      4. The Sin Explained
        1. Magic URLs
        2. Predictable Cookies
        3. Hidden Form Fields
        4. Related Sins
      5. Spotting the Sin Pattern
      6. Spotting the Sin During Code Review
      7. Testing Techniques to Find the Sin
      8. Example Sins
        1. CVE-2005-1784
      9. Redemption Steps
        1. Attacker Views the Data
        2. Attacker Replays the Data
        3. Attacker Predicts the Data
        4. Attacker Changes the Data
      10. Extra Defensive Measures
      11. Other Resources
      12. Summary
  9. Part II Implementation Sins
    1. 5 Buffer Overruns
      1. Overview of the Sin
      2. CWE References
      3. Affected Languages
      4. The Sin Explained
        1. 64-bit Implications
        2. Sinful C/C++
        3. Related Sins
      5. Spotting the Sin Pattern
      6. Spotting the Sin During Code Review
      7. Testing Techniques to Find the Sin
      8. Example Sins
        1. CVE-1999-0042
        2. CVE-2000-0389–CVE-2000-0392
        3. CVE-2002-0842, CVE-2003-0095, CAN-2003-0096
        4. CAN-2003-0352
      9. Redemption Steps
        1. Replace Dangerous String Handling Functions
        2. Audit Allocations
        3. Check Loops and Array Accesses
        4. Replace C String Buffers with C++ Strings
        5. Replace Static Arrays with STL Containers
        6. Use Analysis Tools
      10. Extra Defensive Measures
        1. Stack Protection
        2. Nonexecutable Stack and Heap
      11. Other Resources
      12. Summary
    2. 6 Format String Problems
      1. Overview of the Sin
      2. CWE References
      3. Affected Languages
      4. The Sin Explained
        1. Sinful C/C++
        2. Related Sins
      5. Spotting the Sin Pattern
      6. Spotting the Sin During Code Review
      7. Testing Techniques to Find the Sin
      8. Example Sins
        1. CVE-2000-0573
        2. CVE-2000-0844
      9. Redemption Steps
        1. C/C++ Redemption
      10. Extra Defensive Measures
      11. Other Resources
      12. Summary
    3. 7 Integer Overflows
      1. Overview of the Sin
      2. CWE References
      3. Affected Languages
      4. The Sin Explained
        1. Sinful C and C++
        2. Sinful C#
        3. Sinful Visual Basic and Visual Basic .NET
        4. Sinful Java
        5. Sinful Perl
      5. Spotting the Sin Pattern
      6. Spotting the Sin During Code Review
        1. C/C++
        2. C#
        3. Java
        4. Visual Basic and Visual Basic .NET
        5. Perl
      7. Testing Techniques to Find the Sin
      8. Example Sins
        1. Multiple Integer Overflows in the SearchKit API in Apple Mac OS X
        2. Integer Overflow in Google Android SDK
        3. Flaw in Windows Script Engine Could Allow Code Execution
        4. Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise
      9. Redemption Steps
        1. Do the Math
        2. Don’t Use Tricks
        3. Write Out Casts
        4. Use SafeInt
      10. Extra Defensive Measures
      11. Other Resources
      12. Summary
    4. 8 C++ Catastrophes
      1. Overview of the Sin
      2. CWE References
      3. Affected Languages
      4. The Sin Explained
        1. Sinful Calls to Delete
        2. Sinful Copy Constructors
        3. Sinful Constructors
        4. Sinful Lack of Reinitialization
        5. Sinful Ignorance of STL
        6. Sinful Pointer Initialization
      5. Spotting the Sin Pattern
      6. Spotting the Sin During Code Review
      7. Testing Techniques to Find the Sin
      8. Example Sins
        1. CVE-2008-1754
      9. Redemption Steps
        1. Mismatched new and delete Redemption
        2. Copy Constructor Redemption
        3. Constructor Initialization Redemption
        4. Reinitialization Redemption
        5. STL Redemption
        6. Uninitialized Pointer Redemption
      10. Extra Defensive Measures
      11. Other Resources
      12. Summary
    5. 9 Catching Exceptions
      1. Overview of the Sin
      2. CWE References
      3. Affected Languages
      4. The Sin Explained
        1. Sinful C++ Exceptions
        2. Sinful Structured Exception Handling (SEH)
        3. Sinful Signal Handling
        4. Sinful C#, VB.NET, and Java
        5. Sinful Ruby
      5. Spotting the Sin Pattern
      6. Spotting the Sin During Code Review
      7. Testing Techniques to Find the Sin
      8. Example Sins
        1. CVE-2007-0038
      9. Redemption Steps
        1. C++ Redemption
        2. SEH Redemption
        3. Signal Handler Redemption
      10. Other Resources
      11. Summary
    6. 10 Command Injection
      1. Overview of the Sin
      2. CWE References
      3. Affected Languages
      4. The Sin Explained
        1. Related Sins
      5. Spotting the Sin Pattern
      6. Spotting the Sin During Code Review
      7. Testing Techniques to Find the Sin
      8. Example Sins
        1. CAN-2001-1187
        2. CAN-2002-0652
      9. Redemption Steps
        1. Data Validation
        2. When a Check Fails
      10. Extra Defensive Measures
      11. Other Resources
      12. Summary
    7. 11 Failure to Handle Errors Correctly
      1. Overview of the Sin
      2. CWE References
      3. Affected Languages
      4. The Sin Explained
        1. Yielding Too Much Information
        2. Ignoring Errors
        3. Misinterpreting Errors
        4. Using Useless Return Values
        5. Using Non-Error Return Values
        6. Sinful C/C++
        7. Sinful C/C++ on Windows
        8. Related Sins
      5. Spotting the Sin Pattern
      6. Spotting the Sin During Code Review
      7. Testing Techniques to Find the Sin
      8. Example Sin
        1. CVE-2007-3798 tcpdump print-bgp.c Buffer Overflow Vulnerability
        2. CVE-2004-0077 Linux Kernel do_mremap
      9. Redemption Steps
        1. C/C++ Redemption
      10. Other Resources
      11. Summary
    8. 12 Information Leakage
      1. Overview of the Sin
      2. CWE References
      3. Affected Languages
      4. The Sin Explained
        1. Side Channels
        2. TMI: Too Much Information!
        3. A Model for Information Flow Security
        4. Sinful C# (and Any Other Language)
        5. Related Sins
      5. Spotting the Sin Pattern
      6. Spotting the Sin During Code Review
      7. Testing Techniques to Find the Sin
        1. The Stolen Laptop Scenario
      8. Example Sins
        1. CVE-2008-4638
        2. CVE-2005-1133
      9. Redemption Steps
        1. C# (and Other Languages) Redemption
        2. Network Locality Redemption
      10. Extra Defensive Measures
      11. Other Resources
      12. Summary
    9. 13 Race Conditions
      1. Overview of the Sin
      2. CWE References
      3. Affected Languages
      4. The Sin Explained
        1. Sinful Code
        2. Related Sins
      5. Spotting the Sin Pattern
      6. Spotting the Sin During Code Review
      7. Testing Techniques to Find the Sin
      8. Example Sins
        1. CVE-2008-0379
        2. CVE-2008-2958
        3. CVE-2001-1349
        4. CAN-2003-1073
        5. CVE-2000-0849
      9. Redemption Steps
      10. Extra Defensive Measures
      11. Other Resources
      12. Summary
    10. 14 Poor Usability
      1. Overview of the Sin
      2. CWE References
      3. Affected Languages
      4. The Sin Explained
        1. Who Are Your Users?
        2. The Minefield: Presenting Security Information to Your Users
        3. Related Sins
      5. Spotting the Sin Pattern
      6. Spotting the Sin During Code Review
      7. Testing Techniques to Find the Sin
      8. Example Sins
        1. SSL/TLS Certificate Authentication
        2. Internet Explorer 4.0 Root Certificate Installation
      9. Redemption Steps
        1. When Users Are Involved, Make the UI Simple and Clear
        2. Make Security Decisions for Users
        3. Make Selective Relaxation of Security Policy Easy
        4. Clearly Indicate Consequences
        5. Make It Actionable
        6. Provide Central Management
      10. Other Resources
      11. Summary
    11. 15 Not Updating Easily
      1. Overview of the Sin
      2. CWE References
      3. Affected Languages
      4. The Sin Explained
        1. Sinful Installation of Additional Software
        2. Sinful Access Controls
        3. Sinful Prompt Fatigue
        4. Sinful Ignorance
        5. Sinfully Updating Without Notifying
        6. Sinfully Updating One System at a Time
        7. Sinfully Forcing a Reboot
        8. Sinfully Difficult Patching
        9. Sinful Lack of a Recovery Plan
        10. Sinfully Trusting DNS
        11. Sinfully Trusting the Patch Server
        12. Sinful Update Signing
        13. Sinful Update Unpacking
        14. Sinful User Application Updating
      5. Spotting the Sin Pattern
      6. Spotting the Sin During Code Review
      7. Testing Techniques to Find the Sin
      8. Example Sins
        1. Apple QuickTime Update
        2. Microsoft SQL Server 2000 Patches
        3. Google’s Chrome Browser
      9. Redemption Steps
        1. Installation of Additional Software Redemption
        2. Access Control Redemption
        3. Prompt Fatigue Redemption
        4. User Ignorance Redemption
        5. Updating Without Notifying Redemption
        6. Updating One System at a Time Redemption
        7. Forcing a Reboot Redemption
        8. Difficult Patching Redemption
        9. Lack of a Recovery Plan Redemption
        10. Trusting DNS Redemption
        11. Trusting the Patch Server Redemption
        12. Update Signing Redemption
        13. Update Unpacking Redemption
        14. User Application Updating Redemption
      10. Extra Defensive Measures
      11. Other Resources
      12. Summary
    12. 16 Executing Code with Too Much Privilege
      1. Overview of the Sin
      2. CWE References
      3. Affected Languages
      4. The Sin Explained
        1. Related Sins
      5. Spotting the Sin Pattern
      6. Spotting the Sin During Code Review
      7. Testing Techniques to Find the Sin
      8. Example Sins
      9. Redemption Steps
        1. Windows, C, and C++
        2. Linux, BSD, and Mac OS X
        3. .NET Code
      10. Extra Defensive Measures
      11. Other Resources
      12. Summary
    13. 17 Failure to Protect Stored Data
      1. Overview of the Sin
      2. CWE References
      3. Affected Languages
      4. The Sin Explained
        1. Weak Access Controls on Stored Data
        2. Sinful Access Controls
        3. Weak Encryption of Stored Data
        4. Related Sins
      5. Spotting the Sin Pattern
      6. Spotting the Sin During Code Review
      7. Testing Techniques to Find the Sin
      8. Example Sins
        1. CVE-2000-0100
        2. CVE-2005-1411
        3. CVE-2004-0907
      9. Redemption Steps
        1. C++ Redemption on Windows
        2. C# Redemption on Windows
        3. C/C++ Redemption (GNOME)
      10. Extra Defensive Measures
      11. Other Resources
      12. Summary
    14. 18 The Sins of Mobile Code
      1. Overview of the Sin
      2. CWE References
      3. Affected Languages
      4. The Sin Explained
        1. Sinful Mobile Code
        2. Sinful Mobile Code Containers
        3. Related Sins
      5. Spotting the Sin Pattern
      6. Spotting the Sin During Code Review
      7. Testing Techniques to Find the Sin
      8. Example Sins
        1. CVE-2006-2198
        2. CVE-2008-1472
        3. CVE-2008-5697
      9. Redemption Steps
        1. Mobile Code Container Redemption Steps
        2. Mobile Code Redemptions
      10. Extra Defensive Measures
      11. Other Resources
      12. Summary
  10. Part III Cryptographic Sins
    1. 19 Use of Weak Password-Based Systems
      1. Overview of the Sin
      2. CWE References
      3. Affected Languages
      4. The Sin Explained
        1. Password Compromise
        2. Allowing Weak Passwords
        3. Password Iteration
        4. Not Requiring Password Changes
        5. Default Passwords
        6. Replay Attacks
        7. Storing Passwords Instead of Password Verifiers
        8. Brute-Force Attacks Against Password Verifiers
        9. Revealing Whether a Failure Is Due to an Incorrect User or Password
        10. Online Attacks
        11. Returning a Forgotten Password
        12. Related Sins
      5. Spotting the Sin Pattern
        1. Password Compromise
        2. Allowing Weak Passwords
        3. Iterated Passwords
        4. Never Changing a Password
        5. Default Passwords
        6. Replay Attacks
        7. Brute Force Attacks Against Password Verifiers
        8. Storing Passwords Instead of Password Verifiers
        9. Online Attacks
        10. Returning a Forgotten Password
      6. Spotting the Sin During Code Review
      7. Testing Techniques to Find the Sin
        1. Password Compromise
        2. Replay Attacks
        3. Brute-Force Attacks
      8. Example Sins
        1. Zombies Ahead!
        2. Microsoft Office Password to Modify
        3. Adobe Acrobat Encryption
        4. WU-ftpd Core Dump
        5. CVE-2005-1505
        6. CVE-2005-0432
        7. The TENEX Bug
        8. Sarah Palin Yahoo E-Mail Compromise
      9. Redemption Steps
        1. Password Compromise Redemption
        2. Weak Password Redemption
        3. Iterated Password Redemption
        4. Password Change Redemption
        5. Default Password Redemption
        6. Replay Attack Redemption
        7. Password Verifier Redemption
        8. Online Brute-Force Attack Redemption
        9. Logon Information Leak Redemption
        10. Forgotten Password Redemption
      10. Extra Defensive Measures
      11. Other Resources
      12. Summary
    2. 20 Weak Random Numbers
      1. Overview of the Sin
      2. CWE References
      3. Affected Languages
      4. The Sin Explained
        1. Sinful Non-cryptographic Generators
        2. Sinful Cryptographic Generators
        3. Sinful True Random Number Generators
        4. Related Sins
      5. Spotting the Sin Pattern
      6. Spotting the Sin During Code Review
        1. When Random Numbers Should Have Been Used
        2. Finding Places That Use PRNGs
        3. Determining Whether a CRNG Is Seeded Properly
      7. Testing Techniques to Find the Sin
      8. Example Sins
        1. TCP/IP Sequence Numbers
        2. ODF Document Encryption Standard
        3. CVE-2008-0166 Debian “Random” Key Generation
        4. The Netscape Browser
      9. Redemption Steps
        1. Windows, C, and C++
        2. Windows with Trusted Platform Module (TPM) Support
        3. .NET Code
        4. Unix
        5. Java
        6. Replaying Number Streams
      10. Extra Defensive Measures
      11. Other Resources
      12. Summary
    3. 21 Using Cryptography Incorrectly
      1. Overview of the Sin
      2. CWE References
      3. Affected Languages
      4. The Sin Explained
        1. Using Home-Grown Cryptography
        2. Creating a Protocol from Low-Level Algorithms When a High-Level Protocol Will Do
        3. Using a Weak Cryptographic Primitive
        4. Using a Cryptographic Primitive Incorrectly
        5. Using the Wrong Cryptographic Primitive
        6. Using the Wrong Communication Protocol
        7. Failing to Use Salt
        8. Failing to Use a Random IV
        9. Using a Weak Key Derivation Function
        10. Failure to Provide an Integrity Check
        11. Failure to Use Agile Encryption
        12. Related Sins
      5. Spotting the Sin Pattern
      6. Spotting the Sin During Code Review
        1. Using Home-Grown Cryptography (VB.NET and C++)
        2. Creating a Protocol from Low-Level Algorithms When a High-Level Protocol Will Do
        3. Using a Weak Cryptographic Primitive (C# and C++)
        4. Using a Cryptographic Primitive Incorrectly (Ruby, C#, and C++)
        5. Using the Wrong Cryptographic Primitive
        6. Using the Wrong Communication Protocol
      7. Testing Techniques to Find the Sin
      8. Example Sins
        1. Microsoft Office XOR Obfuscation
        2. Adobe Acrobat and Microsoft Office Weak KDF
      9. Redemption Steps
        1. Using Home-Grown Cryptography Redemption
        2. Creating a Protocol from Low-Level Algorithms When a High-Level Protocol Will Do Redemption
        3. Using a Weak Cryptographic Primitive Redemption
        4. Using a Cryptographic Primitive Incorrectly Redemption
        5. Using the Wrong Cryptographic Primitive Redemption
        6. Failing to Use Salt Redemption
        7. Failing to Use a Random IV Redemption
        8. Using a Weak Key Derivation Function Redemption
        9. Failure to Provide an Integrity Check Redemption
        10. Failure to Use Agile Encryption Redemption
        11. Using the Wrong Communication Protocol Redemption
      10. Extra Defensive Measures
      11. Other Resources
      12. Summary
  11. Part IV Networking Sins
    1. 22 Failing to Protect Network Traffic
      1. Overview of the Sin
      2. CWE References
      3. Affected Languages
      4. The Sin Explained
        1. Related Sins
      5. Spotting the Sin Pattern
      6. Spotting the Sin During Code Review
      7. Testing Techniques to Find the Sin
      8. Example Sins
        1. TCP/IP
        2. E-Mail Protocols
        3. E*TRADE
      9. Redemption Steps
      10. Extra Defensive Measures
      11. Other Resources
      12. Summary
    2. 23 Improper Use of PKI, Especially SSL
      1. Overview of the Sin
      2. CWE References
      3. Affected Languages
      4. The Sin Explained
        1. Related Sins
      5. Spotting the Sin Pattern
      6. Spotting the Sin During Code Review
      7. Testing Techniques to Find the Sin
      8. Example Sins
        1. CVE-2007-4680
        2. CVE-2008-2420
      9. Redemption Steps
        1. Ensuring Certificate Validity
      10. Extra Defensive Measures
      11. Other Resources
      12. Summary
    3. 24 Trusting Network Name Resolution
      1. Overview of the Sin
      2. CWE References
      3. Affected Languages
      4. The Sin Explained
        1. Sinful Applications
        2. Related Sins
      5. Spotting the Sin Pattern
      6. Spotting the Sin During Code Review
      7. Testing Techniques to Find the Sin
      8. Example Sins
        1. CVE-2002-0676
        2. CVE-1999-0024
      9. Redemption Steps
      10. Other Resources
      11. Summary
  12. Index

Product information

  • Title: 24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them
  • Author(s): Michael Howard, David LeBlanc, John Viega
  • Release date: September 2009
  • Publisher(s): McGraw-Hill
  • ISBN: 9780071626767