Top 25 most dangerous mistakes in software development
Once a year, MITRE's CWE project and the SANS Institute publish a study of the 25 most commonly made programming mistakes that can ultimately lead to critical vulnerabilities in software. Topping this year's "Top 25 Most Dangerous Software Errors" is SQL injection, which results from parameters that reach the database unfiltered or poorly filtered.
Using SQL injection, an attacker can often gain access to a system's entire data set, which can lead to massive information leaks. SQL injection attacks were, along with DDoS attacks, a favourite of the recently disbanded LulzSec group and allowed it to release large numbers of user records and passwords, both in plain text and encrypted; because users often reuse the same password on different systems, those passwords can be the key to other systems too.
In second place came OS command injection, where unfiltered parameters are used as part of a command executed by the underlying operating system. Completing the top three, classic buffer overflows, described as "still pernicious after all these decades", came in third thanks to their ability to let code be injected into running applications.
With the Top 25 list, the Institute hopes to inform developers of the hazards their programming errors can create and how the resulting vulnerabilities can be avoided. The list is the result of a collaboration between SANS, MITRE and various European and American experts. This year's list was ranked using the new Common Weakness Scoring System (CWSS), which quantifies the nature of a weakness and its potential impact.
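The "unfiltered parameter" mechanism behind the list's first entry, shown as an added example that is not part of the article or the CWE/SANS study: a lookup that splices the parameter into the SQL text beside the parameterized form that fixes it. It uses Python's standard sqlite3 module with an in-memory database and constructed sample rows.

```python
import sqlite3

# Constructed sample data for the demonstration; not taken from the article.
SAMPLE_USERS = [("alice", "hash-1"), ("bob", "hash-2"), ("carol", "hash-3")]


def build_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password_hash TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def lookup_unsafe(conn: sqlite3.Connection, username: str) -> list:
    # The weakness: the request parameter is spliced into the SQL text, so
    # any quote inside it changes the statement the database parses.
    query = f"SELECT username, password_hash FROM users WHERE username = '{username}'"
    return conn.execute(query).fetchall()


def lookup_safe(conn: sqlite3.Connection, username: str) -> list:
    # The fix: a bound parameter reaches the engine as data, never as SQL
    # syntax, so quotes in the value cannot alter the statement.
    query = "SELECT username, password_hash FROM users WHERE username = ?"
    return conn.execute(query, (username,)).fetchall()


def demo() -> dict:
    conn = build_db()
    # A legitimate name containing an apostrophe, and a crafted value of the
    # kind the article's "unfiltered parameter" lets through.
    apostrophe = "O'Brien"
    crafted = "x' OR '1'='1"
    try:
        lookup_unsafe(conn, apostrophe)
        unsafe_apostrophe_error = False
    except sqlite3.OperationalError:
        # The concatenating version is not even correct on honest input.
        unsafe_apostrophe_error = True
    return {
        "unsafe_benign": lookup_unsafe(conn, "alice"),     # one row
        "unsafe_crafted": lookup_unsafe(conn, crafted),    # every row leaks
        "safe_crafted": lookup_safe(conn, crafted),        # no such user
        "safe_apostrophe": lookup_safe(conn, apostrophe),  # no such user, no error
        "unsafe_apostrophe_error": unsafe_apostrophe_error,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The crafted value makes the concatenated WHERE clause always true, which is exactly the whole-table disclosure the article attributes to these attacks; the bound parameter simply finds no matching user.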
Top 25 Most Dangerous Software Errors 2011 (CWE/SANS)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Missing Authentication for Critical Function
Use of Hard-coded Credentials
Missing Encryption of Sensitive Data
Unrestricted Upload of File with Dangerous Type
Reliance on Untrusted Inputs in a Security Decision
Execution with Unnecessary Privileges
Cross-Site Request Forgery (CSRF)
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Download of Code Without Integrity Check
Inclusion of Functionality from Untrusted Control Sphere
Incorrect Permission Assignment for Critical Resource
Use of Potentially Dangerous Function
Use of a Broken or Risky Cryptographic Algorithm
Incorrect Calculation of Buffer Size
Improper Restriction of Excessive Authentication Attempts
URL Redirection to Untrusted Site ('Open Redirect')
Uncontrolled Format String
Integer Overflow or Wraparound
Use of a One-Way Hash without a Salt