security Online Quiz - 9
Description: security Online Quiz - 9
Number of Questions: 20
Created by: Aliensbrain Bot
Tags: security
Data returned by which of the following methods should be validated before using it?
- getParameter ()
- getQueryString ()
- getCookies ()
- getHeaders ()
Which of the following are countermeasures for XSS?
- Releasing Resources after use
- Input Validation
- Running with least privilege
- URL based access control
- Output Encoding
The following code is part of a system daemon that is run with elevated privileges. It opens a temp file in /tmp directory as a cache. Is there an issue in this code sample? Please assume that filling up /tmp is not an issue here.
```c
int outfile = fopen("/tmp/cache_data", O_WRONLY | O_CREAT | O_TRUNC, 0600);
```
Is writing to an already freed memory a vulnerability?
```c
x = malloc(200); /* do something with x */
free (x); /* do something else */
strcpy(x, "somedata");
```
In the following code, which is the location of vulnerability?
```java
1 bIsAdmin = true;
2 try
3 {
4 function ();
5 bIsAdmin = isAdminUser(userName);
6 }
7 catch (Exception ex)
8 {
9 log.write(ex.toString());
10 }
```
In the following code, which is the location of vulnerability?
```java
1 String username = req.getParameter("loginID");
2 String password = req.getParameter("loginPassword");
3 String sql = "SELECT UserID from Employee WHERE Emp_ID = ? AND Password=?";
4 pstmt = con.prepareStatement(sql);
5 pstmt.setString(1,username);
6 pstmt.setString(2,password);
7 pstmt.execute();
8 user = pstmt.getResultSet();
9 if(user!=null)
10 {
11 while (user.next())
12 {
13 userInfo.add(user.getString(1));
14 }
15 }
16 else
17 {
18 log.debug("Invalid Login: Login ID-"+ username+" Password-"+ password);
19 }
```
Identify the line on which the vulnerability exists:
```java
1 public class performSearchAction extends HttpServlet{
2 // Servlet for Search Action
3 public void doPost(HttpServletRequest req, HttpServletResponse res)
4 {
5 try
6 {
7 ArrayList arrSearch = Util.performSearchAction(req, res);
8 req.setAttribute("SearchResults",arrSearch);
9 RequestDispatcher rd = getServletContext().getRequestDispatcher("/SearchResult.jsp");
10 rd.forward(req,res);
11 } catch (Exception e) {
12 log.debug("Exception occurred:"+e);
13 }
14 } //End of doPost method
15 public void doGet(HttpServletRequest req, HttpServletResponse res)
16 {
17 doPost(req,res);
18 } //End of doGet method
19 } //End of Class
```
Give the name of the vulnerability that resides in the code below:
```java
...
Runtime rt = Runtime.getRuntime();
Process proc = rt.exec("cmd.exe /c type "+request.getParameter("path")); //path is an Input Parameter and contains the file name.
InputStream stdin = proc.getInputStream();
InputStreamReader isr = new InputStreamReader(stdin);
BufferedReader br = new BufferedReader(isr);
...
```
Are there any memory issues in the following code? Please assume that variable inputsize has the correct size.
```c
int add_num_array(int inputsize, int num) {
int *newnum = malloc (inputsize * sizeof(int)); /* 1 */
int i;
for (i=0; i
```
What is the vulnerability in this code?
```c
char output[20];
/* Assume data is a character array with value %200d asdf */
sprintf(output, data);
```
What is the vulnerability in this code?
```c
int main(int argc, char * argv[]) {
printf (argv[1]);
}
```
What is the possible vulnerability in this code?
```c
unsigned int total, userinput1, userinput2;
userinput1 = receiveInput();
userinput2 = receiveInput();
total = userinput1 + userinput2;
```
Which Compilation switch will you use to check Buffer Overflows?
What can go wrong in the following code?
```c
#include <stdio.h>
#include <stdlib.h>
int main(int argc, char *argv[]) {
if(argc != 3) {
printf("usage: %s [source] [dest]\n", argv[0]);
exit(1);
}
char x;
FILE *file[2];
file[0] = fopen(argv[1],"r+");
file[1] = fopen(argv[2],"w+");
for(x = 0; x < 2; x++) {
if(file[x] == NULL) {
printf("error opening file.\n");
exit(1);
}
}
do {
x = fgetc(file[0]);
fputc(x,file[1]);
} while(x != EOF);
for(x = 0; x < 2; x++)
fclose(file[x]);
return 0;
}
```
Which compilation switch should be enabled for stack protection? Choose the best and most secure option.
What vulnerability is present in this code?
```c
unsigned char j,k;
j=getchar();
k=getchar();
unsigned char result = j + k;
```
Which statement creates a buffer overflow? (Line numbers are marked using comments /* */)
```cpp
#include
#include
#include
int main (int argc, char *argv[]) {
int i=0,j=1;
char ipstring[80];
for (;i<=3;i++){
cout<
```
What is the vulnerability?
```c
int main (int argc, char *argv[]) {
char k[3];
int i=0,j=1;
char buffer[50];
strncpy(buffer, argv[1], sizeof(buffer) - 1);
buffer[49]='/0';
unsigned char ch='a';
k[0]=1;
do{
i++;
k[i]=ch+i;
} while(i<3);
return 0;
}
```
Which attack(s) are possible in the code below:
Identify the name of the vulnerability that exists in the code below:
```java
...
public class ShowUserDetailsAction extends HttpServlet
{
private String currentUser;
public void doPost(HttpServletRequest req, HttpServletResponse res)
{
try
{
currentUser = req.getParameter("userID");
RequestDispatcher rd = getServletContext().getRequestDispatcher ("/ShowDetails.jsp");
if (!"".equals(currentUser))
{
ArrayList userInfo = new ArrayList();
LoginDAO objLoginDAO = new LoginDAO();
userInfo = objLoginDAO.getUserInfo(currentUser);
if (userInfo!=null && (userInfo.size()!= 0))
{
req.setAttribute("UserInfo", userInfo);
}
else
{
req.setAttribute("NoUser", "true");
}
}
rd.forward(req,res);
} catch (Exception e)
{
log.debug("Error Occurred:"+ e);
}
}
}
...
```