
‘Insecure’ Concepts

An extract straight from ISC2’s CSSLP Overview, but always useful to consider. The rest of the CSSLP brochure can be found here (pdf).

| Characteristic | What is it? | Insecure Code Examples | How to Fix It |
|---|---|---|---|
| I: Injectable Code | Code that makes injection attacks possible by allowing user-supplied input to be executed as code. | No input validation; dynamic construction of queries | Input validation; parameterized queries |
| N: Non-Repudiation Mechanisms not Present | Authenticity of code origin and actions are disputable. | Unsigned executables; auditing not present | Code signing |
| S: Spoofable Code | Code that makes spoofing attacks possible. | Predictable session identifiers; hard-coded passwords; caching credentials; allowing identity impersonation | Session, cache and password management; managing identity impersonation |
| E: Exceptions and Errors not Properly Handled | Code that reveals verbose error messages and exception details, or fails open in the event of a failure. | Verbose errors; unhandled exceptions; fails open | Non-verbose error messages; explicit exception handling (Try-Catch-Finally blocks) |
| C: Cryptographically Weak Code | Code that uses non-standard, weak or custom cryptographic algorithms and manages keys insecurely. | Key not derived and managed securely | Do not use weak or non-standard algorithms or custom cryptography; use RNG/PRNG for key derivation |
| U: Unsafe/Unused Functions and Routines in Code | Code that increases attack surface by using unsafe routines or containing unused routines. | Banned API functions; Easter Eggs | Do not use banned APIs or unsafe functions; input validation; remove unused routines and Easter Eggs |
| R: Reversible Code | Code that allows for determination of internal architecture or design. | Unobfuscated code; unsigned executables | Code obfuscation (shrouding); digitally signing code |
| E: Elevated Privileges Required to Run | Code that violates the principle of least privilege. | Administrative accounts | Environment configuration; code set explicitly to run with least privilege |
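As an added illustration of two rows of the table, Injectable Code (I) and Exceptions and Errors not Properly Handled (E), the Python below places the insecure pattern next to its fix for each. This is example code written for this page, not from ISC2 or the CSSLP brochure; the `users` table and its rows, the allow-list pattern for usernames and the in-memory `sqlite3` setup are all assumptions made for the demo.

```python
# Added example (not from the ISC2 brochure): the "I" and "E" rows of the
# INSECURE table side by side with their fixes, using Python's standard
# sqlite3 module. The users table and its rows are constructed for the demo.
import logging
import re
import sqlite3

logger = logging.getLogger("insecure-demo")


def make_db():
    """Constructed in-memory database with two demo accounts."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)", [("alice", "user"), ("bob", "admin")]
    )
    return conn


# --- I: Injectable Code -----------------------------------------------------

def roles_for_injectable(conn, name):
    """Insecure: dynamic construction of the query. Whatever the caller
    passes as `name` becomes part of the SQL text and is executed as code."""
    sql = f"SELECT role FROM users WHERE name = '{name}'"
    return [row[0] for row in conn.execute(sql)]


USERNAME_RE = re.compile(r"^[a-z0-9_]{1,32}$")  # assumed allow-list for this demo


def roles_for_parameterized(conn, name):
    """Fixed: input validation against an allow-list, then a parameterized
    query so the driver binds `name` as data rather than as SQL."""
    if not USERNAME_RE.fullmatch(name):
        raise ValueError("invalid username")
    rows = conn.execute("SELECT role FROM users WHERE name = ?", (name,))
    return [row[0] for row in rows]


# --- E: Exceptions and Errors not Properly Handled --------------------------

def authorize_fails_open(conn, name, required_role):
    """Insecure: a catch-all except swallows every failure (including the
    database being unavailable) and the check returns True, i.e. it fails
    open; the caller is also handed the raw exception text (a verbose error).
    Returns (allowed, message)."""
    try:
        return required_role in roles_for_injectable(conn, name), "ok"
    except Exception as exc:
        return True, f"lookup failed: {exc}"


def authorize_fails_closed(conn, name, required_role):
    """Fixed: explicit try/except/finally, deny on any failure, log the detail
    server-side and hand the caller a non-verbose message.
    Returns (allowed, message)."""
    allowed, message = False, "access denied"
    try:
        allowed = required_role in roles_for_parameterized(conn, name)
        if allowed:
            message = "ok"
    except ValueError:
        message = "access denied"  # bad input: no detail leaks to the caller
    except sqlite3.Error as exc:
        # Detail goes to the server log only; the caller sees the generic message.
        logger.error("authorization lookup failed for %r: %s", name, exc)
    finally:
        logger.debug("authorization decision for %r: %s", name, allowed)
    return allowed, message
```

Running the two `authorize_*` functions against a closed connection shows the difference the table's E row is about: the fail-open version grants access and echoes the driver's error text, while the fail-closed version denies, logs the exception server-side and returns only "access denied".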