0% found this document useful (0 votes)

4 views2 pages

ch7 Short

The document outlines various cybersecurity vulnerabilities categorized into application-based, OS-based, web-based, hardware, network-based, cryptographic, and misconfiguration vulnerabilities. Each category includes specific vulnerabilities, their potential impacts, and recommended fixes. The document serves as a comprehensive cheatsheet for identifying and mitigating cybersecurity risks.

Uploaded by

amansharma2318

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

4 views2 pages

ch7 Short

Uploaded by

amansharma2318

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 2

CH-7 Cheatsheet (Cybersecurity Vulnerabilities)

1. Application-Based Vulnerabilities

● Buffer Overflow: Exceeds memory boundary → crash/code execution.

○ Fix: Input validation, bounds checking.
● Race Conditions: Two threads access same resource unsafely.
○ Fix: Use locks/synchronization.
● Input Validation Failures: Unsanitized inputs → code injection.
○ Fix: Sanitize/validate input.

2. OS-Based Vulnerabilities

● Privilege Escalation: Gain higher-level access.

○ Fix: Patch management, least privilege.
● Unpatched Systems: Known bugs left unfixed.
○ Fix: Regular updates.
● Insecure Services: Weak/default configs.
○ Fix: Disable unused services, secure configs.

3. Web-Based Vulnerabilities

● SQL Injection (SQLI): Inject SQL via inputs.

○ Fix: Input validation, parameterized queries, stored procedures.
● XSS (Cross-Site Scripting): Inject JS in browser context.
○ Fix: Sanitize output, use CSP, encode data.

4. Hardware Vulnerabilities

● Firmware Bugs: Low-level flaws → full system compromise.

○ Fix: Firmware updates, secure boot.
● EOL Systems: No vendor support.
○ Fix: Replace or isolate, segment network.
● Legacy Systems: Outdated, insecure tech.
○ Fix: Upgrade, restrict access.

5. Network-Based Vulnerabilities

● Sniffing: Capturing network traffic.

○ Fix: Use encryption (TLS, VPN).
● Spoofing: Faking identity/IP.
○ Fix: Authentication, network segmentation.
● DDoS: Overload server.
○ Fix: Firewalls, rate limiting, CDNs.
6. Cryptographic Vulnerabilities

● CA Compromise: Fake certificates.

○ Fix: Certificate pinning, CT logs.
● Key Compromise: Stolen/weak keys.
○ Fix: HSMs, key rotation.
● Flawed Implementation: Bugs in crypto code.
○ Fix: Use vetted libraries, audits.
● Outdated Algorithms: Weak ciphers (e.g. MD5, DES).
○ Fix: Use AES, SHA-256, RSA-2048+.
● Side-Channel Attacks: Exploit timing/power.
○ Fix: Constant-time ops, shielding.
● Backdoors: Hidden access.
○ Fix: Use audited open-source tools.
● Weak RNGs: Predictable keys.
○ Fix: CSPRNGs, hardware entropy.
● CRL/OCSP Issues: Ignored revocations.
○ Fix: Enforce OCSP, monitor infrastructure.
● Key Management Errors: Poor key handling.
○ Fix: Secure storage, rotation, recovery plans.
● SSL Stripping: Downgrade HTTPS → HTTP.
○ Fix: HSTS, force HTTPS.
● Protocol Downgrade: Force weak SSL/TLS.
○ Fix: Disable SSLv3/TLS1.0, enforce strong ciphers.

7. Misconfiguration Vulnerabilities

● Network Devices: Default creds, open ports.

○ Fix: Change defaults, patch firmware.
● Firewalls: Loose rules, unmonitored ports.
○ Fix: Least privilege, audit rules.
● Default Credentials: Vendor passwords.
○ Fix: Change during setup, strong policies.
● Unpatched Software: Old versions.
○ Fix: Patch management, auto-updates.
● Excessive Privileges: Unnecessary access.
○ Fix: RBAC, periodic audits.

Network Devices Vulnerability
No ratings yet
Network Devices Vulnerability
3 pages
Cysa+ Cs0-002 Exam Topics Notes: 1.0 Threat and Vulnerability Management
50% (2)
Cysa+ Cs0-002 Exam Topics Notes: 1.0 Threat and Vulnerability Management
14 pages
DS Assigment
No ratings yet
DS Assigment
2 pages
How To Perform A Vulnerability Assessment
No ratings yet
How To Perform A Vulnerability Assessment
14 pages
Technological Vulnerabilities
No ratings yet
Technological Vulnerabilities
38 pages
Security Control Families - Vulnerabilities and Mitigation
No ratings yet
Security Control Families - Vulnerabilities and Mitigation
16 pages
Pentest Qna 68
No ratings yet
Pentest Qna 68
12 pages
Offensive Security Master List
No ratings yet
Offensive Security Master List
8 pages
Information Security Keywords Short Notes
No ratings yet
Information Security Keywords Short Notes
4 pages
Cybersecurity Cheatsheet
No ratings yet
Cybersecurity Cheatsheet
9 pages
CompTIA Security+ Exam Guide
No ratings yet
CompTIA Security+ Exam Guide
11 pages
Reviewer
No ratings yet
Reviewer
3 pages
Lecture 8 Software Defense Mechanisms
No ratings yet
Lecture 8 Software Defense Mechanisms
12 pages
Cybersecurity Threats & Trends 2024
No ratings yet
Cybersecurity Threats & Trends 2024
23 pages
Advamnce
No ratings yet
Advamnce
14 pages
Week 6 Network Security Fundamentals
No ratings yet
Week 6 Network Security Fundamentals
7 pages
RCC Institute of Informationtechnology
No ratings yet
RCC Institute of Informationtechnology
12 pages
Application and Cloud Vulnerabilities
No ratings yet
Application and Cloud Vulnerabilities
5 pages
Security Best Practices in Coding
No ratings yet
Security Best Practices in Coding
57 pages
Vapt UNIT-4
No ratings yet
Vapt UNIT-4
10 pages
CourseWork2 CST3510 CyberSecurity Notes
No ratings yet
CourseWork2 CST3510 CyberSecurity Notes
4 pages
Untitled
No ratings yet
Untitled
772 pages
CCNA Sec 01
No ratings yet
CCNA Sec 01
11 pages
Ass 2 CN
No ratings yet
Ass 2 CN
5 pages
Penetration DA2
No ratings yet
Penetration DA2
5 pages
Class 2 Vulnerability Management
No ratings yet
Class 2 Vulnerability Management
11 pages
VAPT Demo1
No ratings yet
VAPT Demo1
15 pages
Mid Term
No ratings yet
Mid Term
13 pages
Network Security
No ratings yet
Network Security
16 pages
Vulnerable
No ratings yet
Vulnerable
3 pages
Comments Regarding The INSA Audit
No ratings yet
Comments Regarding The INSA Audit
10 pages
Audit Report v1
No ratings yet
Audit Report v1
15 pages
Mass Exploitation The Vulnerable Edge of Enterprise Security
No ratings yet
Mass Exploitation The Vulnerable Edge of Enterprise Security
23 pages
CompTIA CySA+ Exam Guide CS0-002
No ratings yet
CompTIA CySA+ Exam Guide CS0-002
18 pages
CYberSEcurity REvision
No ratings yet
CYberSEcurity REvision
17 pages
Owasp Top 10
No ratings yet
Owasp Top 10
12 pages
Vuln Impacts Mitigations
No ratings yet
Vuln Impacts Mitigations
3 pages
Network Vulnerabilities Prevention Methods
No ratings yet
Network Vulnerabilities Prevention Methods
2 pages
100 Vulnerabilities
0% (1)
100 Vulnerabilities
4 pages
Unit 5 ANSF
No ratings yet
Unit 5 ANSF
34 pages
Cyberattack Audit Checklist Generation
No ratings yet
Cyberattack Audit Checklist Generation
35 pages
Devops Security Checklist
100% (2)
Devops Security Checklist
14 pages
Mastering Web App Security - VAPT Techniques
No ratings yet
Mastering Web App Security - VAPT Techniques
8 pages
Cyber Security Essentials Notes
No ratings yet
Cyber Security Essentials Notes
13 pages
Cybersecurity Terminology 1740725824
No ratings yet
Cybersecurity Terminology 1740725824
72 pages
CheatSheet - SAL1
No ratings yet
CheatSheet - SAL1
3 pages
Other Important Topics - Piyushwairale
No ratings yet
Other Important Topics - Piyushwairale
24 pages
Internal Pen Test Report
No ratings yet
Internal Pen Test Report
6 pages
Application Attack Indicators
No ratings yet
Application Attack Indicators
5 pages
Interview Data Vulnerability Management
No ratings yet
Interview Data Vulnerability Management
9 pages
Application Layer Security Risks
No ratings yet
Application Layer Security Risks
3 pages
Unit V (CC)
No ratings yet
Unit V (CC)
23 pages
Vulnerabilities and Exploits in Cyber Security
No ratings yet
Vulnerabilities and Exploits in Cyber Security
6 pages
Security Assessment Solution
No ratings yet
Security Assessment Solution
19 pages
2022 08 CySA
No ratings yet
2022 08 CySA
15 pages
Software Security
No ratings yet
Software Security
5 pages
CyberSec Internship Survival Guide - Valency Networks
No ratings yet
CyberSec Internship Survival Guide - Valency Networks
16 pages
IGT Sec 2.2b
No ratings yet
IGT Sec 2.2b
7 pages
ITC Assignment 2
No ratings yet
ITC Assignment 2
2 pages
AI Math Summaries
No ratings yet
AI Math Summaries
2 pages
AD Assignment - 3 Soln
No ratings yet
AD Assignment - 3 Soln
10 pages
Quenton-Ol: Yuantty Neipelvey - B) C (Raputtauy Anayetthe
No ratings yet
Quenton-Ol: Yuantty Neipelvey - B) C (Raputtauy Anayetthe
6 pages
Capgemini Pseudocode Question Bank
No ratings yet
Capgemini Pseudocode Question Bank
39 pages
Semantic Analysis 4
No ratings yet
Semantic Analysis 4
12 pages
Semantic Analysis 3
No ratings yet
Semantic Analysis 3
15 pages
Semantic Analysis 2
No ratings yet
Semantic Analysis 2
15 pages
CH9 Short
No ratings yet
CH9 Short
3 pages
Chapter 11 Security Cheatsheet
No ratings yet
Chapter 11 Security Cheatsheet
1 page
Fortinet NSE4 - FGT-6.4 Exam - Julio2021 v2
No ratings yet
Fortinet NSE4 - FGT-6.4 Exam - Julio2021 v2
6 pages
Data Privacy and Security
No ratings yet
Data Privacy and Security
1 page
Bypass Av Dynamics (NEW)
No ratings yet
Bypass Av Dynamics (NEW)
21 pages
Step-Tech-Gui05 Cyberark Pam User Guide 5
No ratings yet
Step-Tech-Gui05 Cyberark Pam User Guide 5
17 pages
Network Security Web Security and SSL/TLS: Angelos Keromytis Columbia University
No ratings yet
Network Security Web Security and SSL/TLS: Angelos Keromytis Columbia University
24 pages
Secure Data Encryption with AES, RSA, HMAC
No ratings yet
Secure Data Encryption with AES, RSA, HMAC
5 pages
Roblox Lua Encryption Script
No ratings yet
Roblox Lua Encryption Script
107 pages
DWP Network Security Standards
No ratings yet
DWP Network Security Standards
35 pages
Security+Vulnerabilities Study+Notes Cyvitrix
No ratings yet
Security+Vulnerabilities Study+Notes Cyvitrix
4 pages
AI Powered Cyber Extortion How Artificial Intelligence Is Transforming Ransomware Attacks
No ratings yet
AI Powered Cyber Extortion How Artificial Intelligence Is Transforming Ransomware Attacks
11 pages
C&NS Lab Manual 1-11
No ratings yet
C&NS Lab Manual 1-11
36 pages
Web Application Security
No ratings yet
Web Application Security
2 pages
Guide Cyber Participant en v1
No ratings yet
Guide Cyber Participant en v1
104 pages
Certificate Verification Solutions Using ADSS Server
No ratings yet
Certificate Verification Solutions Using ADSS Server
3 pages
PAN Blocklist Site Links
No ratings yet
PAN Blocklist Site Links
1 page
All Google Cybersecurity Glossary
No ratings yet
All Google Cybersecurity Glossary
28 pages
Sample Pen Testing Report
No ratings yet
Sample Pen Testing Report
15 pages
Introduction To Network Security
No ratings yet
Introduction To Network Security
88 pages
Btech CSN CNS Theory Assignments
No ratings yet
Btech CSN CNS Theory Assignments
2 pages
Cyber Security MCQ Practice Test
No ratings yet
Cyber Security MCQ Practice Test
4 pages
Running Configrunning-Config
No ratings yet
Running Configrunning-Config
4 pages
ICTNWK544 Assessment Task 2
No ratings yet
ICTNWK544 Assessment Task 2
26 pages
Domain Keys Identified Mail
No ratings yet
Domain Keys Identified Mail
6 pages
Test - Accredited Configuration Engineer (ACE) Exam - PAN-OS 7.0 Version
No ratings yet
Test - Accredited Configuration Engineer (ACE) Exam - PAN-OS 7.0 Version
13 pages
Cybersecurity Insights for Developers
No ratings yet
Cybersecurity Insights for Developers
24 pages
Planning de Estudio Con S4vitar (Preparación OSCP, OSED, OSWE, OSEP, EJPT, EWPT, EWPTXv2, ECPPTv2, ECPTXv2) - HackTheBox
No ratings yet
Planning de Estudio Con S4vitar (Preparación OSCP, OSED, OSWE, OSEP, EJPT, EWPT, EWPTXv2, ECPPTv2, ECPTXv2) - HackTheBox
21 pages
Ispconfig Exploit
No ratings yet
Ispconfig Exploit
3 pages
Check Point VPN Debugging Guide
No ratings yet
Check Point VPN Debugging Guide
6 pages
Chapter 1 Assessment
No ratings yet
Chapter 1 Assessment
96 pages
CISSP - Domain 3 - Security Engineering
No ratings yet
CISSP - Domain 3 - Security Engineering
208 pages

ch7 Short

Uploaded by

ch7 Short

Uploaded by

CH-7 Cheatsheet (Cybersecurity Vulnerabilities)

●​ Buffer Overflow: Exceeds memory boundary → crash/code execution.

●​ Privilege Escalation: Gain higher-level access.

●​ SQL Injection (SQLI): Inject SQL via inputs.

●​ Firmware Bugs: Low-level flaws → full system compromise.

●​ Sniffing: Capturing network traffic.

●​ CA Compromise: Fake certificates.

●​ Network Devices: Default creds, open ports.

You might also like

● Buffer Overflow: Exceeds memory boundary → crash/code execution.

● Privilege Escalation: Gain higher-level access.

● SQL Injection (SQLI): Inject SQL via inputs.

● Firmware Bugs: Low-level flaws → full system compromise.

● Sniffing: Capturing network traffic.

● CA Compromise: Fake certificates.

● Network Devices: Default creds, open ports.