The programmer accidentally uses the wrong operator, which changes the application logic in security-relevant ways.
These types of errors are generally the result of a typo.
Modes of Introduction:
– Implementation
Likelihood of Exploit: Low
Other: Alter Execution Logic
This weakness can cause unintended logic to be executed and other unexpected application behavior.
The code uses an operator for assignment when the intention was to perform a comparison.
In many languages the compare statement is very close in appearance to the assignment statement and are often confused. This bug is generally the result of a typo and usually causes obvious problems with program execution. If the comparison is in an if statement, the if statement will usually evaluate the value of the right-hand side of the predicate.
Modes of Introduction:
– Implementation
Likelihood of Exploit: Low
Other: Alter Execution Logic
Phase: Testing
Description:
Many IDEs and static analysis products will detect this problem.
Phase: Implementation
Description:
Place constants on the left. If one attempts to assign a constant with a variable, the compiler will produce an error.
The code uses an operator for comparison when the intention was to perform an assignment.
In many languages, the compare statement is very close in appearance to the assignment statement; they are often confused.
Modes of Introduction:
– Implementation
Likelihood of Exploit: Low
Availability, Integrity: Unexpected State
The assignment will not take place, which should cause obvious program execution problems.
Phase: Testing
Description:
Many IDEs and static analysis products will detect this problem.
This weakness can be found at CWE-113.
Modes of Introduction:
When malformed or abnormal HTTP requests are interpreted by one or more entities in the data flow between the user and the web server, such as a proxy or firewall, they can be interpreted inconsistently, allowing the attacker to “smuggle” a request to one device without the other device being aware of it.
Modes of Introduction:
– Architecture and Design
Integrity, Non-Repudiation, Access Control: Unexpected State, Hide Activities, Bypass Protection Mechanism
An attacker could create a request to exploit a number of weaknesses including 1) the request can trick the web server to associate a URL with another URLs webpage and caching the contents of the webpage (web cache poisoning attack), 2) the request can be structured to bypass the firewall protection mechanisms and gain unauthorized access to a web application, and 3) the request can invoke a script or a page that returns client credentials (similar to a Cross Site Scripting attack).
Phase: Implementation
Description:
Use a web server that employs a strict HTTP parsing procedure, such as Apache [REF-433].
Phase: Implementation
Description:
Use only SSL communication.
Phase: Implementation
Description:
Terminate the client session after each request.
Phase: System Configuration
Description:
Turn all pages to non-cacheable.
The user interface does not correctly enable or configure a security feature, but the interface provides feedback that causes the user to believe that the feature is in a secure state.
When the user interface does not properly reflect what the user asks of it, then it can lead the user into a false sense of security. For example, the user might check a box to enable a security option to enable encrypted communications, but the software does not actually enable the encryption. Alternately, the user might provide a “restrict ALL'” access control rule, but the software only implements “restrict SOME”.
Modes of Introduction:
– Architecture and Design
Other: Varies by Context
A UI function for a security feature appears to be supported and gives feedback to the user that suggests that it is supported, but the underlying functionality is not implemented.
Modes of Introduction:
– Architecture and Design
Other: Varies by Context
Phase: Testing
Description:
Perform functionality testing before deploying the application.
A UI function is obsolete and the product does not warn the user.
Modes of Introduction:
– Implementation
Other: Quality Degradation, Varies by Context
Phase: Architecture and Design
Description:
Remove the obsolete feature from the UI. Warn the user that the feature is no longer supported.
The UI performs the wrong action with respect to the user’s request.
Modes of Introduction:
– Implementation
Other: Quality Degradation, Varies by Context
Phase: Testing
Description:
Perform extensive functionality testing of the UI. The UI should behave as specified.
A software system that accepts path input in the form of multiple internal dot (‘file…dir’) without appropriate validation can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files.
Modes of Introduction:
– Implementation
Confidentiality, Integrity: Read Files or Directories, Modify Files or Directories