Skip to content

19 Deadly Sins of Software Security

ISBN-10: 0072260858

ISBN-13: 9780072260854

Edition: 2006

Authors: Michael Howard, David LeBlanc, John Viega

List price: $45.00
Blue ribbon 30 day, 100% satisfaction guarantee!
what's this?
Rush Rewards U
Members Receive:
Carrot Coin icon
XP icon
You have reached 400 XP and carrot coins. That is the daily max!

Description:

The authors have come together to provide software developers with the common security coding errors that they need to stop making, as well as how to fix these errors once and for all.
Customers also bought

Book details

List price: $45.00
Copyright year: 2006
Publisher: McGraw-Hill Osborne
Publication date: 7/26/2005
Binding: Paperback
Pages: 304
Size: 7.25" wide x 8.75" long x 0.75" tall
Weight: 1.144
Language: English

David LeBlanc, Ph.D., is a founding member of the Trustworthy Computing Initiative at Microsoft(R). He has been developing solutions for computing security issues since 1992 and has created award-winning tools for assessing network security and uncovering security vulnerabilities. David is a senior developer in the Microsoft Office Trustworthy Computing group.

Foreword
Acknowledgments
Introduction
Buffer Overruns
Overview of the Sin
Affected Languages
The Sin Explained
Sinful C/C++
Related Sins
Spotting the Sin Pattern
Spotting the Sin During Code Review
Testing Techniques to Find the Sin
Example Sins
CVE-1999-0042
CVE-2000-0389-CVE-2000-0392
CVE-2002-0842, CVE-2003-0095, CAN-2003-0096
CAN-2003-0352
Redemption Steps
Replace Dangerous String Handling Functions
Audit Allocations
Check Loops and Array Accesses
Replace C String Buffers with C++ Strings
Replace Static Arrays with STL Containers
Use Analysis Tools
Extra Defensive Measures
Stack Protection
Non-executable Stack and Heap
Other Resources
Summary
Format String Problems
Overview of the Sin
Affected Languages
The Sin Explained
Sinful C/C++
Related Sins
Spotting the Sin Pattern
Spotting the Sin During Code Review
Testing Techniques to Find the Sin
Example Sins
CVE-2000-0573
CVE-2000-0844
Redemption Steps
C/C++ Redemption
Extra Defensive Measures
Other Resources
Summary
Integer Overflows
Overview of the Sin
Affected Languages
The Sin Explained
Sinful C and C++
Sinful C#
Sinful Visual Basic and Visual Basic .NET
Sinful Java
Sinful Perl
Spotting the Sin Pattern
Spotting the Sin During Code Review
C/C++
C#
Java
Visual Basic and Visual Basic .NET
Perl
Testing Techniques to Find the Sin
Example Sins
Flaw in Windows Script Engine Could Allow Code Execution
Integer Overflow in the SOAPParameter Object Constructor
Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise
Redemption Steps
Extra Defensive Measures
Other Resources
Summary
SQL Injection
Overview of the Sin
Affected Languages
The Sin Explained
Sinful C#
Sinful PHP
Sinful Perl/CGI
Sinful Java and JDBC
Sinful SQL
Related Sins
Spotting the Sin Pattern
Spotting the Sin During Code Review
Testing Techniques to Find the Sin
Example Sins
CAN-2004-0348
CAN-2002-0554
Redemption Steps
Validate All Input
Never Use String Concatenation to Build SQL Statements
PHP 5.0 and MySQL 4.1 or Later Redemption
Perl/CGI Redemption
Java Using JDBC Redemption
ColdFusion Redemption
SQL Redemption
Extra Defensive Measures
Other Resources
Summary
Command Injection
Overview of the Sin
Affected Languages
The Sin Explained
Related Sins
Spotting the Sin Pattern
Spotting the Sin During Code Review
Testing Techniques to Find the Sin
Example Sins
CAN-2001-1187
CAN-2002-0652
Redemption Steps
Data Validation
When a Check Fails
Extra Defensive Measures
Other Resources
Summary
Failing to Handle Errors
Overview of the Sin
Affected Languages
The Sin Explained
Yielding Too Much Information
Ignoring Errors
Misinterpreting Errors
Using Useless Error Values
Handling the Wrong Exceptions
Handling All Exceptions
Sinful C/C++
Sinful C/C++ on Windows
Sinful C++
Sinful C#, VB.NET, and Java
Related Sins
Spotting the Sin Pattern
Spotting the Sin During Code Review
Testing Techniques to Find the Sin
Example Sin
CAN-2004-0077 Linux Kernel do_mremap
Redemption Steps
C/C++ Redemption
C#, VB.NET, and Java Redemption
Other Resources
Summary
Cross-Site Scripting
Overview of the Sin
Affected Languages
The Sin Explained
Sinful C/C++ ISAPI Application or Filter
Sinful ASP
Sinful ASP.NET Forms
Sinful JSP
Sinful PHP
Sinful CGI Using Perl
Sinful mod_perl
Spotting the Sin Pattern
Spotting the Sin During Code Review
Testing Techniques to Find the Sin
Example Sins
IBM Lotus Domino Cross-Site Scripting and HTML Injection Vulnerabilities
Oracle HTTP Server "isqlplus" Input Validation Flaws Let Remote Users Conduct Cross-Site Scripting Attacks
CVE-2002-0840
Redemption Steps
ISAPI C/C++ Redemption
ASP Redemption
ASP.NET Forms Redemption
JSP Redemption
PHP Redemption
CGI Redemption
mod_perl Redemption
A Note on HTML Encode
Extra Defensive Measures
Other Resources
Summary
Failing to Protect Network Traffic
Overview of the Sin
Affected Languages
The Sin Explained
Related Sins
Spotting the Sin Pattern
Spotting the Sin During Code Review
Testing Techniques to Find the Sin
Example Sins
TCP/IP
E-mail Protocols
E*Trade
Redemption Steps
Low-Level Recommendations
Extra Defensive Measures
Other Resources
Summary
Use of Magic URLs and Hidden Form Fields
Overview of the Sin
Affected Languages
The Sin Explained
Magic URLs
Hidden Form Fields
Related Sins
Spotting the Sin Pattern
Spotting the Sin During Code Review
Testing Techniques to Find the Sin
Example Sins
CAN-2000-1001
MaxWebPortal Hidden Form Field Modification
Redemption Steps
Attacker Views the Data
Attacker Replays the Data
Attacker Predicts the Data
Attacker Changes the Data
Extra Defensive Measures
Other Resources
Summary
Improper Use of SSL and TLS
Overview of the Sin
Affected Languages
The Sin Explained
Related Sins
Spotting the Sin Pattern
Spotting the Sin During Code Review
Testing Techniques to Find the Sin
Example Sins
E-mail Clients
Safari Web Browser
The Stunnel SSL Proxy
Redemption Steps
Choosing a Protocol Version
Choosing a Cipher Suite
Ensuring Certificate Validity
Validating the Hostname
Checking Certificate Revocation
Extra Defensive Measures
Other Resources
Summary
Use of Weak Password-Based Systems
Overview of the Sin
Affected Languages
The Sin Explained
Related Sins
Spotting the Sin Pattern
Spotting the Sin During Code Review
Password Content Policy
Password Changes and Resets
Password Protocols
Password Handling and Storage
Testing Techniques to Find the Sin
Example Sins
CVE-2005-1505
CVE-2005-0432
The TENEX Bug
The Paris Hilton Hijacking
Redemption Steps
Multifactor Authentication
Storing and Checking Passwords
Guidelines for Choosing Protocols
Guidelines for Password Resets
Guidelines for Password Choice
Other Guidelines
Extra Defensive Measures
Other Resources
Summary
Failing to Store and Protect Data Securely
Overview of the Sin
Affected Languages
The Sin Explained
Weak Access Controls to "Protect" Secret Data
Sinful Access Controls
Embedding Secret Data in Code
Related Sins
Spotting the Sin Pattern
Spotting the Sin During Code Review
Testing Techniques to Find the Sin
Example Sins
CVE-2000-0100
CAN-2002-1590
CVE-1999-0886
CAN-2004-0311
CAN-2004-0391
Redemption Steps
Use the Operating System's Security Technologies
C/C++ Windows 2000 and Later Redemption
ASP.NET 1.1 and Later Redemption
C#.NET Framework 2.0 Redemption
C/C++ Mac OS X v10.2 and Later Redemption
Redemption with No Operating System Help (or Keeping Secrets Out of Harm's Way)
A Note on Java and the Java KeyStore
Extra Defensive Measures
Other Resources
Summary
Information Leakage
Overview of the Sin
Affected Languages
The Sin Explained
Side Channels
TMI: Too Much Information!
A Model for Information Flow Security
Sinful C# (and Any Other Language)
Related Sins
Spotting the Sin Pattern
Spotting the Sin During Code Review
Testing Techniques to Find the Sin
The Stolen Laptop Scenario
Example Sins
Dan Bernstein's AES Timing Attack
CAN-2005-1411
CAN-2005-1133
Redemption Steps
C# (and Other Languages) Redemption
Network Locality Redemption
Extra Defensive Measures
Other Resources
Summary
Improper File Access
Overview of the Sin
Affected Languages
The Sin Explained
Sinful C/C++ on Windows
Sinful C/C++
Sinful Perl
Sinful Python
Related Sins
Spotting the Sin Pattern
Spotting the Sin During Code Review
Testing Techniques to Find the Sin
Example Sins
CAN-2005-0004
CAN-2005-0799
CAN-2004-0452 and CAN-2004-0448
CVE-2004-0115 Microsoft Virtual PC for the Macintosh
Redemption Steps
Perl Redemption
C/C++ Redemption on *nix
C/C++ Redemption on Windows
Getting the Location of the User's Temporary Directory
.NET Code Redemption
Extra Defensive Measures
Other Resources
Summary
Trusting Network Name Resolution
Overview of the Sin
Affected Languages
The Sin Explained
Sinful Applications
Related Sins
Spotting the Sin Pattern
Spotting the Sin During Code Review
Testing Techniques to Find the Sin
Example Sins
CVE-2002-0676
CVE-1999-0024
Redemption Steps
Other Resources
Summary
Race Conditions
Overview of the Sin
Affected Languages
The Sin Explained
Sinful Code
Related Sins
Spotting the Sin Pattern
Spotting the Sin During Code Review
Testing Techniques to Find the Sin
Example Sins
CVE-2001-1349
CAN-2003-1073
CVE-2000-0849
Redemption Steps
Extra Defensive Measures
Other Resources
Summary
Unauthenticated Key Exchange
Overview of the Sin
Affected Languages
The Sin Explained
Related Sins
Spotting the Sin Pattern
Spotting the Sin During Code Review
Testing Techniques to Find the Sin
Example Sins
Novell Netware MITM Attack
CAN-2004-0155
Redemption Steps
Extra Defensive Measures
Other Resources
Summary
Cryptographically Strong Random Numbers
Overview of the Sin
Affected Languages
The Sin Explained
Sinful NonCryptographic Generators
Sinful Cryptographic Generators
Sinful True Random Number Generators
Related Sins
Spotting the Sin Pattern
Spotting the Sin During Code Review
When Random Numbers Should Have Been Used
Finding Places that Use PRNGs
Determining Whether a CRNG Is Seeded Properly
Testing Techniques to Find the Sin
Example Sins
The Netscape Browser
OpenSSL Problems
Redemption Steps
Windows
.NET Code
Unix
Java
Replaying Number Streams
Extra Defensive Measures
Other Resources
Summary
Poor Usability
Overview of the Sin
Affected Languages
The Sin Explained
Who Are Your Users?
The Minefield: Presenting Security Information to Your Users
Related Sins
Spotting the Sin Pattern
Spotting the Sin During Code Review
Testing Techniques to Find the Sin
Example Sins
SSL/TLS Certificate Authentication
Internet Explorer 4.0 Root Certificate Installation
Redemption Steps
When Users Are Involved, Make the UI Simple and Clear
Make Security Decisions for Users
Make Selective Relaxation of Security Policy Easy
Clearly Indicate Consequences
Make It Actionable
Provide Central Management
Other Resources
Summary
Mapping the 19 Deadly Sins to the OWASP "Top Ten"
Summary of Do's and Don'ts
Buffer Overruns Summary
Format String Problems Summary
Integer Overflows Summary
SQL Injection Summary
Command Injection Summary
Failing to Handle Errors Summary
Cross-Site Scripting Summary
Failing to Protect Network Traffic Summary
Use of Magic URLs and Hidden Form Fields Summary
Improper Use of SSL and TLS Summary
Use of Weak Password-Based Systems Summary
Failing to Store and Protect Data Securely Summary
Information Leakage Summary
Improper File Access Summary
Trusting Network Name Resolution Summary
Race Conditions Summary
Unauthenticated Key Exchange Summary
Cryptographically Strong Random Numbers Summary
Poor Usability Summary
Index