Software Vulnerabilities
A vulnerability is a weakness in design, implementation, operation, or internal control. Most of the vulnerabilities that have been discovered are documented in the Common Vulnerabilities and Exposures (CVE) database. An exploitable vulnerability is one for which at least one working attack or exploit exists. Vulnerabilities can be researched, reverse-engineered, hunted, or exploited using automated tools or customized scripts.[16][17] To secure a computer system, it is important to understand the attacks that can be made against it.[1]
Software vulnerability examples
- Code injection - If inputs to a web site are not "sanitized", attackers are able to "inject" code that the computer then runs. The results may be to tell the insecure computer to download a virus, reveal sensitive information, etc. Applications that build SQL and similar database queries from such input are known to be vulnerable to this.
- Cross-Site Scripting (XSS) - a class of attacks that allow an attacker to inject client-side scripts through the website into the browsers of other users. Because the injected code comes to the browser from the site, the code is trusted and can do things like send the user's site authorization cookie to the attacker. When the attacker has the cookie, they can log into a site as though they were the user and do anything the user can, such as access their credit card details, see contact details, or change passwords.
- Buffer overflows - When data is stored in memory, the program allots a buffer of a fixed size to hold it. A buffer overflow is the result of stuffing more data into a buffer than it can hold. The overflowing bytes can overwrite adjacent memory and modify the flow of execution. If an attacker includes code that opens a shell in this overflow data, the program inadvertently runs the injected code, giving the attacker access (root access if the program runs as root). Some fundamental C functions are no longer considered secure because they are vulnerable to this.
0-Days
The term "zero-day" originally referred to the number of days since a new piece of software was released to the public, so "zero-day software" was obtained by hacking into a developer's computer before release.[2]
See also: Hacking
[1] "Computer security", Wikipedia, https://en.wikipedia.org/wiki/Computer_security#Vulnerabilities_and_attacks
[2] "Zero-day (computing)", Wikipedia.