Index[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z] back-tracing code bait-and-switch attacks Bansal, Altin Bellovin, Steve BER (Basic Encoding Rules), ASN.1 (Abstract Syntax Notation) Bercegay, James big-endian architecture, bytes, ordering /bin directory (UNIX) binary audits, COM (Component Object Model) binary bitwise operators binary encoding, C programming language binary layout (Windows), imports binary navigation tools, code auditing binary notation positive decimal integers, converting to positive numbers, converting to decimal binary protocols, data types, matching binary-only application access Bind 9.2.1 Resolver Code gethostans( ) Vulnerability listing (7-2) binding endpoints, RPC servers bindings BinNavi binary navigation tool Bishop, Matt bit fields, C programming language bitmasks, permissions bitwise shift operators, C programming language black box analysis black box generated CPs (candidate points) black box hits, tracing black box testing auditing, compared black-list filters, metacharacters blind connection spoofing, TCP streams blind data injection attacks, TCP streams blind reset attacks, TCP streams block ciphers boot files, UNIX bottom-up approach, application review bottom-up decomposition Bouchareine, Pascal boundaries, trust boundaries complex trust boundaries simple trust boundaries boundary conditions, sequence numbers, TCP (Transmission Control Protocol) boundary descriptor objects, Windows NT bounded string functions Break Statement Omission Vulnerability listing (7-23) break statements, omissions Bret-Mounet, Frederic Brown, Keith BSD linux securelevels setenv( ) function BUF-MEM_grow( ) function Buffer Overflow in NSS Library's ssl2_HandleClientHelloMessage listing (7-34) buffer overflow, text-based protocols buffer overflows global overflows heap overflows off-by-one errors process memory layout SHE (structured exception handling) attacks stack overflows static overflows buffer subsystem, SSH server, code audits buffers, OpenSSH, vunerabilities bugs, software business logic 2nd business tier (Web applications) byte order, C programming language bytes, overwriting |