IT components such as operating systems, application software, and even networks, have many vulnerabilities. These vulnerabilities are open to compromise or exploitation. This creates the possibility for penetration into the systems that may result in unauthorized access and a compromise of confidentiality, integrity, and availability of information assets.
Vulnerability tests are performed to identify vulnerabilities while penetration tests are conducted to check the following:
Vulnerability assessment and penetration testing processes are like IT audits. Therefore, it is preferred that they are performed by third parties.
The primary purpose of vulnerability and penetration tests is to identify, evaluate, and mitigate the risks due to vulnerability exploitation.
Vulnerability assessment is a process in which IT systems such as computers and networks, and software such as operating systems and application software, are scanned in order to identify the presence of known and unknown vulnerabilities.
Vulnerabilities in IT systems such as software and networks can be considered holes or errors.
These vulnerabilities are due to improper software design, insecure coding, or both. For example, a buffer overflow is a vulnerability where the boundary limits for an entity such as a variable or a constant are not properly defined or checked. It can be triggered by supplying more data than the entity can hold. The excess spills over into adjacent areas of memory and thereby corrupts the instructions or code that the microprocessor needs to process.
When a vulnerability is exploited it results in a security violation, which in turn has a certain impact. A security violation may be unauthorized access, escalation of privileges, or denial of service to the IT systems.
Tools are used in the process of identifying vulnerabilities. These tools are called vulnerability scanners. A vulnerability scanning tool can be a hardware appliance or a software application.
Generally, vulnerabilities can be classified based on the type of security error. Each type corresponds to a root cause of the vulnerability.
Vulnerabilities can be classified into the following types:

Access Control Vulnerabilities
It is an error due to the lack of enforcement pertaining to users or functions that are permitted, or denied, access to an object or a resource.
Examples:
  - Improper or no access control list or table
  - No privilege model
  - Inadequate file permissions
  - Improper or weak encoding
Security violation and impact:
Files, objects, or processes can be accessed directly without authentication or routing.

Authentication Vulnerabilities
It is an error due to inadequate identification mechanisms, so that a user or a process is not correctly identified.
Examples:
  - Weak or static passwords
  - Improper or weak encoding, or weak algorithms
Security violation and impact:
An unauthorized or less privileged user (for example, a Guest user), or a less privileged process, gains higher privileges, such as administrative or root access to the system.

Boundary Condition Vulnerabilities
It is an error due to inadequate checking and validating mechanisms, such that the length of the data is not checked or validated against the size of the data storage or resource.
Examples:
  - Buffer overflow
  - Overwriting the original data in memory
Security violation and impact:
Memory is overwritten with arbitrary code so that it gains access to programs or corrupts the memory. This will ultimately crash the operating system. An unstable system due to memory corruption may be exploited to get command prompt, or shell, access by injecting arbitrary code.

Configuration Weakness Vulnerabilities
It is an error due to the improper configuration of system parameters, or to leaving the default configuration settings as they are, which may not be secure.
Examples:
  - Default security policy configuration
  - File and print access in Internet connection sharing
Security violation and impact:
Most of the default configuration settings of many software applications are published and are available in the public domain. For example, some applications come with standard default passwords. If they are not secured, they allow an attacker to compromise the system. Configuration weaknesses are also exploited to gain higher privileges, resulting in privilege escalation impacts.

Exception Handling Vulnerabilities
It is an error due to improper setup or coding where the system fails to handle, or properly respond to, exceptional or unexpected data or conditions.
Example:
  - SQL injection
Security violation and impact:
By injecting exceptional data, user credentials can be captured by an unauthorized entity.
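The following is an added example, not part of the original text, that shows the SQL injection case above in Python using only the standard library's sqlite3 module. The in-memory table, the user names and the crafted input are constructed for the illustration, and the function names are the example's own. The vulnerable lookup assembles the SQL text from the input; the safe lookup passes the input as a parameter; the validated lookup additionally rejects input of an unexpected shape before it reaches the database.

```python
import re
import sqlite3

# Constructed sample data for the example: a small in-memory user table.
def build_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users (username, email) VALUES (?, ?)",
        [("alice", "alice@example.invalid"), ("bob", "bob@example.invalid")],
    )
    conn.commit()
    return conn

def find_user_vulnerable(conn: sqlite3.Connection, username: str) -> list:
    # The SQL text is assembled from untrusted input. A quote character in the input
    # ends the string literal early, so the rest of the input is parsed as SQL and
    # changes what the statement does: the "exceptional data" the code fails to handle.
    query = f"SELECT username, email FROM users WHERE username = '{username}'"
    return conn.execute(query).fetchall()

def find_user_safe(conn: sqlite3.Connection, username: str) -> list:
    # Parameterised query: the value travels separately from the SQL text, so the
    # database only ever compares it as a literal string, quotes included.
    return conn.execute(
        "SELECT username, email FROM users WHERE username = ?", (username,)
    ).fetchall()

# Example policy for what a user name may look like (an assumption of this example).
USERNAME_PATTERN = re.compile(r"[a-z0-9_]{1,32}")

def find_user_validated(conn: sqlite3.Connection, username: str) -> list:
    # Defence in depth: reject input that does not match the expected shape before it
    # reaches the database, and still use the parameterised query.
    if not USERNAME_PATTERN.fullmatch(username):
        raise ValueError("username has an unexpected format")
    return find_user_safe(conn, username)

# Constructed input that is not a user name but contains SQL syntax.
CRAFTED_INPUT = "' OR '1'='1"
```

With CRAFTED_INPUT, find_user_vulnerable returns every row in the table, find_user_safe returns no rows, and find_user_validated raises before any query is run. The validated version also gives a detection hook: a rejected user name containing quote characters or SQL keywords is worth logging.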

Input Validation Vulnerabilities
It is an error due to a lack of verification mechanisms to validate the input data or contents.
Examples:
  - Directory traversal
  - Malformed URLs
Security violation and impact:
Due to poor input validation, access to system-privileged programs may be obtained.
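The following is an added example, not part of the original text, covering both examples listed above: a check that a user-supplied file name cannot escape a document root (directory traversal), and a check that a URL is well formed before it is used (malformed URLs). It uses the Python standard library only; the document root, the function names and the accepted URL schemes are assumptions of this example.

```python
import tempfile
from pathlib import Path
from urllib.parse import urlsplit

# Constructed document root for the example; it does not need to exist on disk.
ROOT = (Path(tempfile.gettempdir()) / "docs_example").resolve()

def resolve_under_root(user_path: str, root: Path = ROOT) -> Path:
    """Map a user-supplied relative file name to a path guaranteed to lie under root."""
    root = root.resolve()
    # A NUL byte or an absolute path is never a valid relative document name.
    if "\x00" in user_path or Path(user_path).is_absolute():
        raise ValueError("malformed path")
    # resolve() normalises '.' and '..' components and follows symlinks, so the check
    # below is made on the real target rather than on the text the user sent.
    candidate = (root / user_path).resolve()
    if candidate != root and root not in candidate.parents:
        raise ValueError("path escapes the document root")
    return candidate

# Assumed policy: only web URLs are acceptable for this application.
ALLOWED_SCHEMES = {"http", "https"}

def validate_url(url: str) -> str:
    """Accept only well-formed http(s) URLs that name a host; raise ValueError otherwise."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES or not parts.netloc:
        raise ValueError("malformed or disallowed URL")
    return url
```

The path check deliberately works on the resolved result rather than on the input string: rejecting the literal ".." is not enough, because encoded or symlinked variants normalise to the same place. The URL check rejects script-scheme and host-less URLs, which are the common malformed cases.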

Randomization Vulnerabilities
It is an error due to a mismatch in, or a lack of, random data for a process. These vulnerabilities are predominantly related to encryption algorithms.
Examples:
  - Weak encryption key
  - Insufficient random data
Security violation and impact:
The cryptographic key can be compromised, which will impact data and access security.
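The following is an added example, not part of the original text, contrasting a key derived from a seeded general-purpose PRNG with one drawn from the operating system's secure random source, using Python's standard library. The key sizes, the seed value and the sanity-check thresholds are assumptions of this example.

```python
import random
import secrets

KEY_BYTES = 32          # 256-bit key (assumed size for this example)
MIN_KEY_BYTES = 16      # anything shorter is treated as a weak key in this example

def weak_key(seed: int) -> bytes:
    # Deterministic PRNG (Mersenne Twister) seeded from a small value such as a
    # timestamp or process id: whoever can guess the seed regenerates the same key.
    rng = random.Random(seed)
    return rng.getrandbits(KEY_BYTES * 8).to_bytes(KEY_BYTES, "big")

def strong_key() -> bytes:
    # secrets draws from the operating system's CSPRNG; there is no seed to guess.
    return secrets.token_bytes(KEY_BYTES)

def check_key(key: bytes) -> bool:
    """Sanity checks that catch the most obvious weak keys; return True if they pass."""
    if len(key) < MIN_KEY_BYTES:
        raise ValueError(f"key too short: {len(key)} bytes, need at least {MIN_KEY_BYTES}")
    if len(set(key)) <= 2:
        # A key drawn from 256 possible byte values should not consist of one or two values.
        raise ValueError("key has almost no variation; suspect a broken random source")
    return True
```

Note that a key from weak_key passes check_key: length and byte-variation tests cannot detect that a key is predictable, which is why the choice of random source matters more than any check applied to its output.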

Resource Vulnerabilities
It is an error due to a lack of resource availability for correct operations or processes.
Examples:
  - Memory getting full
  - CPU completely utilized
Security violation and impact:
Due to the lack of resources, the system becomes unstable or hangs. This results in a denial of service to legitimate users.
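The following is an added example, not part of the original text, showing two standard countermeasures for the resource exhaustion described above: a bounded reader that refuses to buffer a request body larger than a configured ceiling (memory), and a connection limiter that caps concurrent work (CPU and sockets). It uses the Python standard library only; the limits and names are assumptions of this example.

```python
import io
import threading

MAX_BODY_BYTES = 64 * 1024   # assumed limit for the example
CHUNK = 4096

class ResourceLimitExceeded(Exception):
    """Raised when a request would exceed a configured resource ceiling."""

def make_stream(data: bytes) -> io.BytesIO:
    """Build an in-memory stream standing in for a network socket (constructed input)."""
    return io.BytesIO(data)

def read_bounded(stream: io.BufferedIOBase, limit: int = MAX_BODY_BYTES) -> bytes:
    """Read a request body of at most limit bytes; refuse to buffer anything larger."""
    chunks, total = [], 0
    while True:
        # Never request more than one byte past the limit, so memory use stays
        # bounded even if the peer keeps sending.
        chunk = stream.read(min(CHUNK, limit - total + 1))
        if not chunk:
            break
        total += len(chunk)
        if total > limit:
            raise ResourceLimitExceeded(f"body exceeds {limit} bytes")
        chunks.append(chunk)
    return b"".join(chunks)

class ConnectionLimiter:
    """Cap the number of concurrently served connections so one client cannot take them all."""
    def __init__(self, max_active: int):
        self.max_active = max_active
        self.active = 0
        self._lock = threading.Lock()

    def acquire(self) -> bool:
        # Return False instead of blocking: the caller should reject the request
        # (for example with HTTP 503) rather than queue unbounded work.
        with self._lock:
            if self.active >= self.max_active:
                return False
            self.active += 1
            return True

    def release(self) -> None:
        with self._lock:
            self.active = max(0, self.active - 1)
```

Failing fast with a rejection is the point of both limits: the system degrades for the excess request only, instead of becoming unstable for every legitimate user once memory or CPU is exhausted.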

State Error
It is an error that results from a lack of state maintenance due to incorrect process flows.
Examples:
  - Opening multiple tabs in web browsers
Security violation and impact:
There are specific security attacks, such as cross-site scripting (XSS), that will result in user-authenticated sessions being hijacked.
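The following is an added example, not part of the original text, showing the two mitigations that limit the session hijacking described above: output encoding so that user-supplied text cannot become script, and session cookie attributes that keep the session token out of reach of script in the page. It uses the Python standard library only; the comment text, the cookie name and the function names are assumptions of this example.

```python
import html
from http.cookies import SimpleCookie

def render_comment_vulnerable(comment: str) -> str:
    # User-controlled text is placed straight into the page, so any markup in it
    # becomes part of the document and runs in the viewer's authenticated session.
    return f'<p class="comment">{comment}</p>'

def render_comment_safe(comment: str) -> str:
    # html.escape turns <, >, &, " and ' into entities, so the text is displayed, not parsed.
    return f'<p class="comment">{html.escape(comment, quote=True)}</p>'

def session_cookie_header(session_id: str) -> str:
    """Build a Set-Cookie value whose session token cannot be read by script in the page."""
    cookie = SimpleCookie()
    cookie["session"] = session_id
    morsel = cookie["session"]
    morsel["httponly"] = True      # not exposed via document.cookie, so XSS cannot read it
    morsel["secure"] = True        # only sent over HTTPS
    morsel["samesite"] = "Strict"  # not sent on cross-site requests
    morsel["path"] = "/"
    return morsel.OutputString()

# Constructed input representing a comment that contains script markup.
HOSTILE_COMMENT = '<script>alert("xss")</script>'
```

Encoding on output is the fix for the state error itself (the page no longer confuses data with code); the cookie attributes are defence in depth, so that even a script that does run cannot lift the session token.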
Information security professionals need to be aware of the processes involved in identifying system vulnerabilities. It is important to devise suitable countermeasures, in a cost-effective and efficient way, to reduce the risk associated with the identified vulnerabilities. Such measures include applying patches supplied by the application vendors and hardening the systems.