Skip to main content

Translate

10 most common security vulnerabilities in web applications


Problem A1: Unvalidated Input
How Plone handles this: All input in Plone is validated, and the framework makes sure you can never input data that is not of the required type. This is probably the number one reason why Plone sites — even when deployed and developed by people new to web security — are not compromised.
Problem A2: Broken Access Control
How Plone handles this: Plone is based on the well-proven (7 years in production), flexible and granular ACL/roles-based security model of Zope. In addition, Plone utilizes an innovative workflow-based approach to security, which means that end-users never see or modify the security settings — they only work with security presets that have been supplied to them by the developers of the application. This greatly reduces the possibility of misconfigured security settings.
Problem A3: Broken Authentication and Session Management
How Plone handles this: Plone authenticates users in its own database using a SHA-1 hash of their password. Using its modular authentication system Plone can also authenticate users against common authentication systems such as LDAP and SQL as well as any other system for which a plugin is available (Gmail, OpenID, etc.). After authentication, Plone creates a session using a SHA-1 hash of a secret stored on the server and the userid (HMAC-SHA-1). Secrets can be refreshed on a regular basis to add extra security where needed. Note: Older Plone versions (i.e. before Plone 3) use a less secure method where a session cookie containing both the loginname and password for a user are used. It is highly recommended to enforce use of HTTPS encryption for such sites.
Problem A4: Cross Site Scripting
How Plone handles this: Plone has strong filtering in place to make sure that no potentially malicious code can ever be entered into the system. All content that is inserted is stripped of malicious tags like <script>, <embed> and <object>, as well as removing all <form> related tags, stopping users from impersonating any kind of HTTP POST requests. All destructive operations (like deletion of content) and privilege elevation (roles, permissions) are checked to be valid HTTP POST requests in addition to the usual security checking. On an infrastructure level, the TAL template language used to create pages in Plone quotes all HTML by default, effectively preventing cross site scripting.
Problem A5: Buffer Overflow
How Plone handles this: Buffer overflow vulnerabilities are not known to exist in the current versions of Python, and is usually more common in systems based on languages that do not have strict checking for this, like C.
Problem A6: Injection Flaws
How Plone handles this: Injection flaws are most common in systems that use SQL databases for content storage. Plone does not use a SQL database by default.  When setting up SQL databases with Plone, they always communicate through a standard SQL connector that neutralizes injection attempts automatically.
Problem A7: Improper Error Handling
How Plone handles this: Plone provides almost no error information to site visitors (no stack traces, etc.).  When there is an error, Plone logs the error internally. All the front-end user will see is the log entry number of the error, allowing the error to be located in the logs if it is reported to the site admin.
Problem A8: Insecure Storage
How Plone handles this: All the cryptographic methods in the Plone stack have been exposed to public scrutiny for years and have no known vulnerabilities.
Problem A9: Application Denial of Service
How Plone handles this: The most common setup for a Plone site is to to deploy it behind a caching proxy like Squid, Varnish, Apache or IIS. When configured in this way, it's very hard to bring down a Plone site with DoS attacks. (Note: In versions earlier than Plone 2.1.4 and 2.5.1, there was a potential Denial of Service attack identified in the error page of Plone, which was unnecessarily heavy. This was fixed as part of a bigger security audit performed in the same timeframe, and the current releases of Plone do not suffer from this problem.
A10 Insecure Configuration Management
How Plone handles this: Plone has very strict security defaults out-of-the-box, and also runs as an unprivileged user on the server. Plone website users do not have access to the file system. Because of these factors, the most common security configuration vulnerabilities in this area are avoided.

Security track record

Measuring or quantifying security risks in software is hard — security is a process, not a product, and thus requires constant vigilance and good coding practices combined with security reviews. One interesting measure is the number of vulnerabilities reported by the MITRE’s Common Vulnerabilities and Exposures database, which is the main source for tracking and naming security issues.
Here are some counts of the numbers of known vulnerabilities and exposures in some common CMS platforms and their technology stacks - also note that the Python/Zope/Plone stack has existed for several years longer than the others mentioned.
The following data was extracted from the National Vulnerability Database, in March 30, 2011. The figures presented represent the total number of occurrences of the term searched, with the numbers in parenthesis representing the number of occurrences in the past 3 years.
  • Plone/Zope/Python stack:
    • CVE Entries containing Plone: 13 (9)
    • CVE Entries containing Zope: 27 (9)
    • CVE Entries containing Python: 111 (65)
  • PHP-based stacks:
    • CVE Entries containing Drupal: 371 (269)
    • CVE Entries containing Joomla: 653 (441)
    • CVE Entries containing MySQL: 282 (84)
    • CVE Entries containing Postgre: 82 (22)
    • CVE Entries containing PHP: 18,859 (5,813)
  • Other stacks:
    • CVE Entries containing Perl: 3,835 (1,780)
These numbers do not prove anything by themselves, of course, but do suggest a general trend and are a good approximation of our security track record compared to other systems.
One should also note that when installing a CMS stack, one should consider the security records of all stack components (including add-on products and modules). That means if a CMS requires an external database server, the security of that server should be considered in addition to the security of the CMS system itself.

Comments

Popular posts from this blog

Timer AC bergantian

Bagaimana sich prinsip kerja AC yang bergantian? Seperti yang terangkai pada ACPDB, yang kita butuhkan adalah 1 buah timer dan 2 buah kontaktor. Pada dasarnya rangkaiannya adalah seperti gambar diatas. Seperti kita ketahui, timer dan kontaktor akan bekerja apabila mendapatkan catuan 220 V. Pada timer catuan bisa dikoneksikan di lubang “L” dan “N”, sedang pada kontaktor dilubang “A1” dan “A2”. Itulah kenapa pada saat mati listrik komponen2 tersebut tidak bekerja. Timer berfungsi sebagai switch dari 2-1 atau 2-3 dan lubang “2” sebagai sumber yang dialiri arus listrik. Sesuai namanya alat ini akan bergantian dari 2-1 atau 2-3 berdasarkan waktu yang sudah kita atur pada sirip biru. Satu sirip merepresentasikan 30 menit. Sedang pada kontaktor untuk tipe Telemecanique, sumbu-sumbu saklarnya adalah 1-2, 3-4, 5-6, NO-NO, NC-NC.  Jika “A1” dan “A2” tidak dicatu maka 1-2 (open), 3-4 (open), 5-6 (open), NO-NO (open), NC-NC (close/terhubung). Dan bila “A1” dan “A2” dicatu  maka 1-2 (close), 3-4 (clo…

Contoh Panduan Standarisasi Area Data Center

Berikut adalah contoh Panduan Standarisasi Area Data Center

PANDUAN - IK Standarisasi Area Data Center Article Number: 49 | Rating: Unrated | Last Updated: Mon, Nov 25, 2013 at 2:13 PM BAB I KEBIJAKAN
1.1.Area Data Center
Areadata center termasuk aset vital perusahaan dan diperlakukan sesuai dengan persyaratan yang telah ditetapkan dalam Sistem Manajemen Pengamanan Perusahaan.

Seksi Jaringan bertanggungjawab terhadap pengamanan fisik dan logik. sedangkan fungsi Sekuriti terhadap pengamanan fisik.


1.2.Pertimbangan Dalam Hal Penentuan Lokasi Area Data Center
Beberapa pertimbangan yang harus ada dalam menentukan lokasi ruang data center, yaitu :

1.Memungkinkan untuk pengembangan yang memadai, misalnya mempertimbangkan pengembangan untuk jangka waktu 5 (lima) tahun ke depan.
2.Mempertimbangkan ruang yang tidak "terlalu” banyak dilalui untuk operasional lain, namun tetap dapat dijangkau dengan mudah.
3.Memperhatikan aspek keamanan dan keselamatan pekerja.
4.Memenuhi persyaratan sebagaimana yang …

Mendesigns dan Menghitung UPS untuk Data Center

Mendesigns dan Menghitung UPS untuk Data Center UPS dan data center mungkin bisa di sebut sayur tanpa garam, hambar jika tidak saling melengkapi. 
Tapi untuk menentukan kebutuhan akan UPS data centerperlu perhitungan yang matang agar UPS dan server tetap awet dan selalu ON 24 jam. banyak sekali jenis UPS dan daya yang di tawarkan. Kita harus menghitung kebutuhan beban keseluruhan server agar ketika listrik down UPS dapat menghandle beberapa detik untuk listrik pindah ke genset begitu pula sebaliknya, Oke untuk menentukan itu semua tentukan dulu jenis UPS yang akan anda gunakan.
Oke kita sedikit belajar dulu tentang UPS :)
PRINSIP KERJA UPS Setiap PC membutuhkan daya listrik. Apabila aliran listrik (main power) terputus, PC akan mati (tidak berfungsi). Fungsi dasar UPS (Uninterruptible Power Supply) adalah menyediakan suplai listrik SEMENTARA ke beban (PC) tanpa terputus pada saat main power tidak bekerja agar seluruh proses dapat dihentikan dengan benar, seluruh data dapat disimpan den…