Index[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z] EBP (extended base pointer) edit( ) function EDITOR environment variable (UNIX) effective groups, UNIX 2nd effective users, UNIX 2nd EH (exception handling) Einstein, Albert elements, lists, duplicate elements Embedded Delimiter Example listing (8-8) embedded delimiters, metacharacters embedded path information (HTTP) embedding state in HTML and URLs Empty List Vulnerabilities listing (7-12) empty lists, vunerabilities encapsulation, packets EncodePointer( ) function EncodeSystemPointer( ) function encoding entities HTML encoding multiple encoding layers parameters UTF-16 encoding UTF-8 encoding XML encoding encryption 2nd algorithms asymmetric encryption block ciphers common vunerabilities Digital Encryption Standard (DES) encryption ISAKMP (Internet Security Association and Key Management Protocol), vunerabilities IV (initialization vector) key exchange algorithms stream ciphers symmetric encryption end user license agreements (EULAs) endpoint mappers endpoints, RPC servers, binding to enforcing policies enhanced kernel protections enterprise firewalls, layer 7 inspection entities (encoded data) entries, UNIX directories entry points ENV environment variable (UNIX) environment arrays, UNIX file descriptors environment strings, Linux environment subsystems environment variables PATH_INFO UNIX environmental attacks equality operators err( ) function error checking branches, code paths error domains error messages, overly verbose error messages, Web-based applications errors lists, pointer updates loops escape_sql( ) function escaping metacharacters ESP (extended stack pointer) Esser, Stefan establishing TCP connections ETag header field (HTTP) /etc directory (UNIX) EULAs (end user license agreements) eval( ) function Perl PHP evasion, metacharacter evasion event objects, Windows NT Example of Bad Counting with Structure Padding listing (6-34) Example of Dangerous Program Use listing (8-19) Example of Structure Padding Double Free listing (6-33) exception handling (EH), C++ exceptional conditions execl( ) function Execute( ) function, ASP execve( ) function 2nd 3rd 4th ExpandEnvironmentStrings( ) function Expect header field (HTTP) expectations, security Expert C Programming Expires header field (HTTP) explicit allow filters (white lists), metacharacters explicit deny filters (black lists), metacharacters explicit type conversions Exploiting Software exploiting transitive trusts export function tables extended base pointer (EBP) extended stack pointer (ESP) Extensible Stylesheet Language Transformations (XSLT) 2nd extensions, UNIX privileges external application invocation, OpenSSH external entities external flow sensitivity, code navigation external trust levels external trusted sources, spoofing attacks, firewalls extraneaous dilimiters extraneous filename characters, Windows NT extraneous input thinning, test cases, code audits |