{"id":793,"date":"2024-04-15T12:00:07","date_gmt":"2024-04-15T16:00:07","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/jasmyn-wilhelm\/?p=793"},"modified":"2024-04-19T23:06:34","modified_gmt":"2024-04-20T03:06:34","slug":"read-the-brief-article-about-sql-injection-loses-1-spot-as-most-dangerous-attack-technique-the-article-mentions-a-new-technique-used-to-rank-the-most-dangerous-vulnerabilities-at","status":"publish","type":"post","link":"https:\/\/sites.wp.odu.edu\/jasmyn-wilhelm\/2024\/04\/15\/read-the-brief-article-about-sql-injection-loses-1-spot-as-most-dangerous-attack-technique-the-article-mentions-a-new-technique-used-to-rank-the-most-dangerous-vulnerabilities-at\/","title":{"rendered":"Module 14: Read the brief article about \u201cSQL Injection loses #1 spot as most dangerous attack technique\u201d. The article mentions a new technique used to rank the most dangerous vulnerabilities. At the end it mentions the top 3 vulnerabilities. Research on the top vulnerability listed and provide any other articles you came across about it."},"content":{"rendered":"\n<figure class=\"wp-block-embed is-type-wp-embed is-provider-security-boulevard wp-block-embed-security-boulevard\"><div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"wp-embedded-content\" data-secret=\"yP0msrBsrm\"><a href=\"https:\/\/securityboulevard.com\/2019\/12\/sql-injection-loses-1-spot-as-most-dangerous-attack-technique\/\">SQL Injection loses #1 spot as most dangerous attack technique<\/a><\/blockquote><iframe class=\"wp-embedded-content\" sandbox=\"allow-scripts\" security=\"restricted\" style=\"position: absolute; clip: rect(1px, 1px, 1px, 1px);\" title=\"&#8220;SQL Injection loses #1 spot as most dangerous attack technique&#8221; &#8212; Security Boulevard\" src=\"https:\/\/securityboulevard.com\/2019\/12\/sql-injection-loses-1-spot-as-most-dangerous-attack-technique\/embed\/#?secret=KlQUn3Q0Hy#?secret=yP0msrBsrm\" data-secret=\"yP0msrBsrm\" width=\"600\" height=\"338\" 
frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\"><\/iframe>\n<\/div><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\" \/>\n\n\n\n<p>This vulnerability of &#8220;Improper Restriction of Operations within the Bounds of a Memory Buffer&#8221; occurs when an offender operates outside the intended buffer, allowing them to read, write, or execute at the outside location. Many articles have been written about this vulnerability, and examples given by Lucian Constantin explain how this vulnerability can allow for privilege escalation, DoS attacks, and out-of-bounds reads. Constantin also explains ways to help prevent or detect buffer overflows, such as using memory-safe programming, ASLR, PIE, and compiler flags and extensions.<\/p>\n\n\n\n<p><strong>Resources:<\/strong><\/p>\n\n\n\n<p>Constantin, L. (2020, January 22). <em>What is a buffer overflow? And how hackers exploit these vulnerabilities<\/em>. CSO Online. https:\/\/www.csoonline.com\/article\/568835\/what-is-a-buffer-overflow-and-how-hackers-exploit-these-vulnerabilities.html<\/p>\n\n\n\n<p><em>CWE &#8211; CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer (4.14)<\/em>. (n.d.). https:\/\/cwe.mitre.org\/data\/definitions\/119.html<\/p>\n\n\n\n<p><em>NVD &#8211; CVE-2023-3953<\/em>. (n.d.). https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-3953<\/p>\n\n\n\n<p>Truta, F. (2019, December 4). <em>SQL Injection loses #1 spot as most dangerous attack technique &#8211; Security Boulevard<\/em>. Security Boulevard. https:\/\/securityboulevard.com\/2019\/12\/sql-injection-loses-1-spot-as-most-dangerous-attack-technique\/<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This vulnerability of &#8220;Improper Restriction of Operations within the Bounds of a Memory Buffer&#8221; occurs when an offender operates outside the intended buffer, allowing them to read, write, or execute at the outside location. 
Many articles have been written about&#8230; <a class=\"more-link\" href=\"https:\/\/sites.wp.odu.edu\/jasmyn-wilhelm\/2024\/04\/15\/read-the-brief-article-about-sql-injection-loses-1-spot-as-most-dangerous-attack-technique-the-article-mentions-a-new-technique-used-to-rank-the-most-dangerous-vulnerabilities-at\/\">Continue Reading &rarr;<\/a><\/p>\n","protected":false},"author":27258,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wds_primary_category":0},"categories":[17],"tags":[],"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/jasmyn-wilhelm\/wp-json\/wp\/v2\/posts\/793"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/jasmyn-wilhelm\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/jasmyn-wilhelm\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/jasmyn-wilhelm\/wp-json\/wp\/v2\/users\/27258"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/jasmyn-wilhelm\/wp-json\/wp\/v2\/comments?post=793"}],"version-history":[{"count":2,"href":"https:\/\/sites.wp.odu.edu\/jasmyn-wilhelm\/wp-json\/wp\/v2\/posts\/793\/revisions"}],"predecessor-version":[{"id":798,"href":"https:\/\/sites.wp.odu.edu\/jasmyn-wilhelm\/wp-json\/wp\/v2\/posts\/793\/revisions\/798"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/jasmyn-wilhelm\/wp-json\/wp\/v2\/media?parent=793"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/jasmyn-wilhelm\/wp-json\/wp\/v2\/categories?post=793"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/jasmyn-wilhelm\/wp-json\/wp\/v2\/tags?post=793"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}