System Vulnerabilities

Weaknesses in protocols, implementation flaws in software, application design security holes, insecure configurations, and so on, are examples of system vulnerabilities. Let us examine them in some detail.

  • Protocol Weaknesses— As we said earlier, a number of attacks based on weaknesses in IP, ARP, DNS, FTP, and other protocols have been documented. In isolation, they do not appear severe but can be exploited in the presence of other design weaknesses to amplify the security holes.

  • Implementation Flaws— Implementation flaws in widely used network services software such as mail servers, FTP servers, HTTP servers, browsers, and utilities such as rlogin, rsh, and so on, are very common attack points. A particular kind of flaw known as buffer overflow tops the list because it could allow an attacker to mount an attack known as stack smashing and execute an arbitrary program on the target machine by passing carefully crafted input data to the vulnerable program. Although the specifics of such attacks are complex, the basic idea is to exploit the buffer overflow vulnerability by overwriting the contents of the program stack with input data and thus transferring the control of execution to code supplied by the attacker in the form of input data. Luckily for us, the Java language prevents this type of vulnerability.

  • Design Security Holes— Every now and then we hear about applications designed without proper attention paid to the security of the system. A recent news item detailed how the automatic software upgrade feature of Mac OS X did not use a strong authentication mechanism to authenticate the upgrade download server and could be exploited, in conjunction with weaknesses in the ARP and DNS protocols, to upload any software to the victim's machine.

  • Insecure Configuration— A lot of packaged software ships with default settings that are not secure. An example would be an Operating System with the most common network services enabled. Another example would be an RDBMS (Relational Database Management System) with an account with default name and password. These configurations are popular because of their out-of-box setup and ease of use.

  • Cross-Site Scripting— This is a somewhat new class of vulnerability exposing browsers to run scripts supplied by one site (possibly malicious) with the privilege of another site (possibly trusted). As J2EE programmers, we need to be extra careful to avoid this vulnerability in our applications. We talk more about it in Chapter 9, Web Application Security.
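As an added illustration of the Design Security Holes item above (this is not code from the book): one way for an update client to stop depending on which server answered is to verify a digital signature on the downloaded update itself. The class name, the payload strings and the key pair generated in main are constructed for the example; a real client would ship with the vendor's public key built in.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.Signature;

public class SignedUpdateCheck {

    // Returns true only if 'sig' is a valid signature over 'payload'
    // under the vendor's public key. Any error means "reject".
    static boolean isAuthentic(byte[] payload, byte[] sig, PublicKey vendorKey) {
        try {
            Signature verifier = Signature.getInstance("SHA256withRSA");
            verifier.initVerify(vendorKey);
            verifier.update(payload);
            return verifier.verify(sig);
        } catch (GeneralSecurityException e) {
            return false; // malformed signature or unusable key: fail closed
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed stand-in for the vendor's signing key pair (assumption).
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair vendor = gen.generateKeyPair();

        // Vendor side: sign the update before publishing it.
        byte[] update = "genuine update payload (constructed)"
                .getBytes(StandardCharsets.UTF_8);
        Signature signer = Signature.getInstance("SHA256withRSA");
        signer.initSign(vendor.getPrivate());
        signer.update(update);
        byte[] sig = signer.sign();

        // What a client would receive if ARP or DNS answers were spoofed:
        // different bytes, delivered alongside the genuine signature.
        byte[] substituted = "substituted payload (constructed)"
                .getBytes(StandardCharsets.UTF_8);

        // Client side: install only when the signature matches the bytes received.
        System.out.println("genuine update accepted:     "
                + isAuthentic(update, sig, vendor.getPublic()));
        System.out.println("substituted update accepted: "
                + isAuthentic(substituted, sig, vendor.getPublic()));
    }
}
```

Because the check is bound to the bytes received rather than to the network path, redirecting the client to another server does not by itself get a different payload accepted.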

While a detailed discussion of these topics and the specific steps involved in the attacks is beyond the scope of this book, you can refer to the Further Reading section for references to get more information.
