Index[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z] validation authorization, insufficient validation IP headers name validation, DoS (denial of service) attacks originator validation TCP headers UDP headers value bits, unsigned integer types value preservation, C programming language value-preserving promotions values, Windows NT registry, value squatting Van der Linden, Peter /var directory (UNIX) variables auditing arithmetic boundaries initialization lists object management structure management tables 2nd type confusion 2nd environment variables PATH_INFO PThread API, condition variables relationships 2nd Vary header field (HTTP) VBScript vendor ID payloads, ISAKMP (Internet Security Association and Key Management Protocol) Version header field (HTTP) versions of HTTP (Hypertext Transport Protocol) vfork( ) function Via header field (HTTP) View component (MVC) ViewState, ASP.NET virtual device drivers virtual memory areas (VMAs) Virtual Memory System (VMS) virtual private machines (VPNs) virtualization visibility of clients Vista objects, namespaces VMAs (virtual memory areas) VMs (virtual machines), operational vulnerabilities, preventing VMS (Virtual Memory System) VPNs (virtual private networks) vreply( ) function vsnprintf( ) function Vulnerability in Filtering a Character Sequence #2 listing (8-26) Vulnerability in Filtering a Character Sequence listing (8-25) Vulnerable Hex-Decoding Routine for URIs listing (8-5) vunerabilities accountability authentication insuffiecient validation untrustworthy credentials authorization availability encryption integrity operational vulnerabilities access control attack surfaces authentication default site installations development protective measures directory indexing exposure file handlers host-based measures HTTP request methods insecure defaults network profiles network-based measures overly verbose error messages public-facing administrative interfaces secure channels spoofing unnecessary services Web-specific vunerabilities operational vunerabilities operators right shift 2nd size pointers software 2nd bugs classifying data flow design vunerabilities environmental attacks exceptional conditions implementation vunerabilities input interfaces operational vunerabilities security policies trust relationships type conversions C programming language sign extensions vunerability classes |