Application Threats and Vulnerabilities

application , security , web-services

March 7, 2010

Application Threats and Vulnerabilities
	Oracle	MS SQL Server	Sybase	Lotus Domino
Denial of Service	SNMP DoS	Malformed RPC	Absolute value of numeric DoS	Unicode DoS
	Redirection DoS	Request DoS	Select All DoS	IIOP DoS
ID/Password Control Issues	Default passwords	Default passwords	Default passwords	Default passwords
	Brute force easily guessed passwords	Brute force easily guessed passwords	Brute force easily guessed passwords	Brute force easily guessed passwords
Misconfigurations / Integrity and Services Issues	Listener password not set	Spida Worm infection	Permissions granted on xp_cmdshell	Anonymous access via HTTP
				Unencrypted DECS password
Vulnerabilities Patching	ANSI Join syntax bypasses object privileges	FORMAT MESSAGE buffer overflow	Buffer overflow in xp_cmdshell	ESMTP Cmd buffer overflow
				LDAP buffer overflow

Blog