|
What do these threats have in common?
|
bet | 7/15 | Sana | 30.03.2021 | Hajmi | 58,92 Kb. | | #13786 |
What do these threats have in common?
Access to data that is considered private and should be protected.
Sniffing data in a network or that has been left inadvertently in storage.
Protocols or interfaces that improperly reveal user identity, location, passwords, and so on.
Spoofing or elevation of privilege can enable an attacker to access private data.
Examples
A data leak due to buffer overflow attacks. Sophisticated attacks where a handcrafted call stack is placed on a vulnerable system call (a call to the operating system or a privileged server) can cause privileged code to return information, such as kernel memory dump, back to the unauthorized user. The vulnerability here is buffer overflow in the system service.
Data snooping due to man-in-the-middle attacks, as well as simple attacks where packets that have not been encrypted are sniffed. Also, sophisticated attacks where a flawed authentication protocol enables an eavesdropper to compute or break the session key so that the eavesdropper can decrypt all encrypted and signed data. The vulnerability for all three of these examples is security flaws in the network protocol.
Getting data without authorization. Servers that miss impersonating the client or that return data without performing access checks (even if they do impersonations) are examples. The vulnerabilities include missed impersonation (i.e., client gets access to anything server has access to) or missed access checks.
Obtaining data by exposing common coding errors, such as memory leaks.
Improper handling of reused object. Data leaks can result when a file system allocates the same blocks to a new file that were previously held by another file and returns data from those blocks without upper or lower watermark checks or without clearing the blocks before reallocation.
Win9x PWL (password log) files can be used to reveal a user's credential information, leading to other sophisticated attacks.
Physical access to a hard disk leading to unauthorized data access.
When a client accesses data from multiple locations, the compartmentalizing of mishandled information can cause information from one location to become available to another.
Office macros can be used to leak data. These fall into the general class of Trojan vulnerabilities.
|
| |