Index

sa_handler Sacerdote, David SAFER (Software Restriction Policies) API, Windows NT sessions, access tokens SafeSEH salt values sandboxing SAPI_POST_READER_FUNC( ) function saved set groups (UNIX) saved set users (UNIX) saved set-user-IDs (UNIX) saved-set-group-IDs (UNIX) /sbin directory (UNIX) scanf( ) functions scanning TCP packets Schneier, Bruce SCM (Services Control Manager) SCO scoping, code review scorecards, code audits script URI SCRIPT_NAME (environment variable) scripts server-side scripting XSS (cross-site scripting) SDLC (Systems Development Life Cycle), code audits SEARCH method search_orders( ) function second order injection second-order injection attacks secondary groups, UNIX securable objects, Windows NT secure channels Secure Programming Secure Socket Layer/Transport Layer Security (SSL/TLS) 2nd Secure Sockets Layer (SSL) [See SSL (Secure Sockets Layer).] securelevels (BSD) security access control C/C++ problems expectations OS and file system interaction execution file uploading null bytes path traversal programmatic SSI phishing and impersonation policies, enforcing SQL injection parameterized queries prepared statements second order injection stored procedures testing for threading issues Web environments XML injection XPath injection XSS (cross-site scripting) security association (SA) payloads, ISAKMP (Internet Security Association and Key Management Protocol) Security Association and Key Management Protocol (ISAKMP) [See ISAKMP (Internet Security Association and Key Management Protocol).] 
security breaches, policy breaches, compared security descriptors, Windows NT access masks ACL inheritance ACL permissions programming interfaces strings segmentation (network) layer 1 (physical) layer 2 (data link) layer 3 (network) layer 4 (transport) layer 5 (session) layer 6 (presentation) layer 7 (application) segments, TCP (Transmission Control Protocol) SEH (structured exception handling) attacks 2nd SeImpersonatePrivilege, IPC (interprocess communications) semaphore sets semaphores System V IPC Windows NT semget( ) function sending signals Sendmail crackaddr( ) function, vulnerabilities prescan sign extension vulnerability return values, update vulnerability Sendmail crackaddr( ) Related Variables Vulnerability listing (7-3) Sendmail Return Value Update Vulnerability listing (7-32) sentinel nodes sequence numbers, TCP (Transmission Control Protocol) Server header field (HTTP) Server Message Blocks (SMBs) 2nd server-side includes (SSIs) server-side scripting server-side transformation SERVER_NAME (environment variable) SERVER_PORT (environment variable) SERVER_PROTOCOL (environment variable) SERVER_SOFTWARE (environment variable) servers automation servers name servers, DNS (Domain Name System) pipe squatting Web servers APIs server-side scripting server-side transformation SSIs (server-side includes) service image paths service-oriented architecture (SOA) services, Windows NT servlets [See Java servlets.] 
session credentials, redirector session layer, network segmentation session tokens 2nd sessions HTTP 2nd security vulnerabilities session management session tokens UNIX, process sessions Windows NT 2nd access tokens 2nd logon rights SIDs (security IDs) setegid( ) function setenv( ) function 2nd Setenv( ) Vulnerability in BSD listing (10-2) seteuid( ) function setgid (set-group-id), UNIX setgid programs (UNIX) setgid( ) function setgroups( ) function setjmp( ) function setregid( ) function setresgid( ) function setresuid( ) function setreuid( ) function setrlimit( ) function SetThreadToken( ) function settings, default settings, insecure defaults setuid (set-user-id), UNIX setuid programs (UNIX) setuid root programs (UNIX) setuid( ) function 2nd SGML (Standard Generalized Markup Language) shadow password files, UNIX shared key encryption shared libraries shared memory blocks shared memory segments synchronization shared memory, multiple processes sharing files, UNIX shatter attacks, Windows messaging SHELL environment variable (UNIX) shell environment variables, UNIX shell histories, UNIX shell invocation ASP ASP.NET Java servlets Perl PHP 2nd shell login scripts, UNIX shell logout scripts, UNIX Shell Metacharacter Injection Vulnerability listing (8-18) shell metacharacters shellcode 2nd Shellcoder's Handbook, The 2nd ShellExecute( ) function ShellExecuteEx( ) function shells, UNIX users side-effects, functions auditing referentially opaque side effects referentially transparent side effects SIDs (security IDs), Windows NT siglongjmp( ) function sign bit arithmetic schemes signed integer types Sign Extension Vulnerability Example listing (6-12) sign extensions type conversions truncation Sign-Extension Example listing (6-14) Sign-Preserving Right Shift listing (6-25) signal handler scoreboard Signal Interruption listing (13-1) signal marks signal masks Signal Race Vulnerability in WU-FTPD listing (13-2) signal( ) function 2nd signals asynchronous-safe function 2nd 
3rd default actions handling interruptions 2nd jump locations non-returning signal handlers 2nd repetition sending signal handler scoreboard signal masks vulnerabilities 2nd signature payloads, ISAKMP (Internet Security Association and Key Management Protocol) signatures, cryptographic signatures Signed Comparison Example in PHP listing (6-23) Signed Comparison Vulnerability Example listing (6-7) Signed Comparison Vulnerability listing (6-21) signed integer types, C programming language Signed Integer Vulnerability Example listing (6-5) signed integers boundaries conversions vulnerabilities narrowing sign bit, arithmetic schemes widening signing Active X controls sigsetjmp( ) function SIGSTOP default action simple binary CPs (candidate points) simple lexical CPs (candidate points) Simple Mail Transfer Protocol (SMTP) Simple Nonterminating Buffer Overflow Loop listing (7-15) Simple Object Access Protocol (SOAP) simple type conversions, C programming language single sign-on (SSO) system single-threaded apartment (STA), COM (Component Object Model) singly linked lists site-restricted controls, Active X size, operators, vulnerabilities Sizeof Misuse Vulnerability Example listing (6-24) sizeof( ) function 2nd SMB relay attacks SMBs (Server Message Blocks) 2nd SMTP (Simple Mail Transfer Protocol) sniffing attacks snort reassembly vulnerability, TCP (Transmission Control Protocol) snprintf( ) function 2nd 3rd Snyder, Window SOA (service-oriented architecture) SOAP (Simple Object Access Protocol) socketpair( ) function 2nd soft links, UNIX files 2nd software requirements security expectations specifications vulnerabilities 2nd bugs classifying data flow design vulnerabilities environmental attacks exceptional conditions implementation vulnerabilities input interfaces operational vulnerabilities security policies trust relationships software design abstraction accuracy algorithms application architecture modeling clarity decomposition failure handling loose coupling strong 
cohesion strong coupling exploitation threat modeling information collection transitive trust exploitation trust relationships chain of trust relationships complex trust boundaries defense in depth simple trust boundaries Software Restriction Policies (SAFER) API [See SAFER (Software Restriction Policies) API, Windows NT sessions, access tokens.] Solaris Solomon, David A. 2nd Song, Dug source code audits, COM (Component Object Model) source code navigators, code audits Code Surfer Cscope Ctags Source Navigator Understand source code, profiling Source Navigator source routing IP (Internet Protocol) packets source-only application access SPACEJUMP method specialization approach, application review specifications, software SPIKE fuzz testing tool spoofing DNS (Domain Name System) TCP streams blind connection spoofing spoofing attacks, firewalls 2nd close spoofing distant spoofing encapsulation source routing sprintf( ) functions 2nd 3rd SQL (Structured Query Language) queries, metacharacters SQL injection ASP 2nd ASP.NET Java servlets parameterized queries Perl PHP prepared statements second order injection stored procedures testing for SQL Injection Vulnerability listing (8-20) SQL Truncation Vulnerability listing (8-21) SSIs (server-side includes) SSL (Secure Sockets Layer) SSL/TLS (Secure Socket Layer/Transport Layer Security) SSL/TLS (Secure Sockets Layer/Transport Layer Security) SSO (single sign-on) system STA (single-threaded apartment), COM (Component Object Model) stack cookies stack overflows stack protection, operational vulnerabilities, preventing Stackguard, stack cookies stacks ADT (abstract data type) EBP (extended base pointer) ESP (extended stack pointer) nonexecutable stacks stack protection Standard Generalized Markup Language (SGML) standards documentation standards, C programming language starvation, threads 2nd Starzetz, Paul 2nd stat( ) function state mechanisms, RPCs (Remote Procedure Calls) state processing, TCP (Transmission Control Protocol) 
state tables spoofing state, maintaining client IP addresses cookies embedding state in HTML and URLs HTTP authentication 2nd Referer request headers sessions 2nd security vulnerabilities session management session tokens stateful versus stateless systems stateful firewalls directionality fragmentation stateful inspection firewalls TCP (Transmission Control Protocol) UDP (User Datagram Protocol) stateful inspection firewalls layering stateful packet filters stateful systems stateless firewalls fragmentation FTP (File Transfer Protocol) TCP (Transmission Control Protocol) UDP (User Datagram Protocol) stateless packet filters stateless systems statements break statements, omissions flow transfer statements, auditing out-of-order statements prepared statements switch statements, auditing states, TCP connections static content static variables status checks, application review stdio file system, files closing opening reading writing to Stevens, Ted Stevens, W. Richard Stickley, Jim storage, C programming language stored procedures strcat( ) function strcpy( ) functions 2nd Strcpy( )-like Loop listing (8-3) stream ciphers, encryption streams (file), Windows NT streams, TCP (Transmission Control Protocol) 2nd blind connection spoofing blind data injection attacks blind reset attacks connection fabrication connection tampering spoofing strict black box application access strict context handles, RPCs (Remote Procedure Calls) strings bounded string functions 2nd character expansion format strings handling, C programming language pointers incorrect increments typos unbounded copies unbounded string functions Windows NT security descriptors strlcat( ) function strlcpy( ) function strlen( ) function strncat( ) function strncpy( ) function 2nd strong cohesion, software design strong coupling, software design exploitation strongly coupled modules Structure Padding in a Network Protocol listing (6-32) structure padding, C programming language structured exception handling (SEH) 
attacks structures, variables, management Struts framework stub resolvers (DNS) stubs, COM (Component Object Model) subdomains subnet addresses subsystem access permissions, DCOM (Distributed Component Object Model) subsystem analysis, code audits superusers, UNIX supplemental group privileges, UNIX, dropping permanently supplemental groups, UNIX 2nd 3rd Swiderski, Frank switch statements auditing C programming language switching symbolic links, UNIX files 2nd SymbolicLink objects symmetric encryption block ciphers synchronization APCs (asynchronous procedure calls) deadlocks 2nd multithreaded programs process synchronization interprocess synchronization lock matching synchronization object scoreboard System V synchronization Windows NT synchronization race conditions reentrancy shared memory segments signals asynchronous-safe function 2nd 3rd default actions handling interruptions 2nd jump locations non-returning signal handlers 2nd repetition sending signal handler scoreboard signal masks vulnerabilities 2nd starvation threads deadlocks PThreads API race conditions starvation Windows API synchronization object scoreboard syntax highlighting synthesized request variables SysInternals syslog( ) function system call gateways system configuration files, UNIX system file table, UNIX system objects, Windows NT system profiling system resources, access, auditing System V-IPC mechanisms process synchronization semaphores UNIX system virtualization system( ) function