...
CALL FUNCTION 'FTP_VERSION'
...
IMPORTING
EXEPATH = p
VERSION = v
WORKING_DIR = dir
RFCPATH = rfcp
RFCVERSION = rfcv
TABLES
FTP_TRACE = FTP_TRACE.
WRITE: 'exepath: ', p, 'version: ', v, 'working_dir: ', dir, 'rfcpath: ', rfcp, 'rfcversion: ', rfcv.
...
try {
...
}
catch(e:Error) {
trace(e.getStackTrace());
}
Example 1, the search path could imply information about the type of operating system, the applications installed on the system, and the amount of care that the administrators have put into configuring the program.<apex:messages/> element of a Visualforce page:
try {
...
} catch (Exception e) {
ApexPages.Message msg = new ApexPages.Message(ApexPages.Severity.FATAL, e.getMessage());
ApexPages.addMessage(msg);
}
try
{
...
}
catch (Exception e)
{
Response.Write(e.ToString());
}
Example 1, the leaked information could imply information about the type of operating system, the applications installed on the system, and the amount of care that the administrators have put into configuring the program.
int sockfd;
int flags;
char hostname[1024];
hostname[1023] = '\0';
gethostname(hostname, 1023);
...
sockfd = socket(AF_INET, SOCK_STREAM, 0);
flags = 0;
send(sockfd, hostname, strlen(hostname), flags);
Example 1, the search path could imply information about the type of operating system, the applications installed on the system, and the amount of care that the administrators have put into configuring the program.SQLCODE and the error message SQlERRMC associated with the SQL command that caused the error to the terminal.
...
EXEC SQL
WHENEVER SQLERROR
PERFORM DEBUG-ERR
SQL-EXEC.
...
DEBUG-ERR.
DISPLAY "Error code is: " SQLCODE.
DISPLAY "Error message is: " SQLERRMC.
...
Example 1, a database error message can reveal that the application is vulnerable to a SQL injection attack. Other error messages can reveal more oblique clues about the system.
<cfcatch type="Any">
<cfset exception=getException(myObj)>
<cfset message=exception.toString()>
<cfoutput>
Exception message: #message#
</cfoutput>
</cfcatch>
func handler(w http.ResponseWriter, r *http.Request) {
host, err := os.Hostname()
...
fmt.Fprintf(w, "%s is busy, please try again later.", host)
}
Example 1, the leaked information could imply information about the type of operating system, the applications installed on the system, and the amount of care that the administrators have put into configuring the program.
protected void doPost (HttpServletRequest req, HttpServletResponse res) throws IOException {
...
PrintWriter out = res.getWriter();
try {
...
} catch (Exception e) {
out.println(e.getMessage());
}
}
Example 1, the leaked information could imply information about the type of operating system, the applications installed on the system, and the amount of care that the administrators have put into configuring the program.
...
try {
...
} catch (Exception e) {
String exception = Log.getStackTraceString(e);
Intent i = new Intent();
i.setAction("SEND_EXCEPTION");
i.putExtra("exception", exception);
view.getContext().sendBroadcast(i);
}
...
...
public static final String TAG = "NfcActivity";
private static final String DATA_SPLITTER = "__:DATA:__";
private static final String MIME_TYPE = "application/my.applications.mimetype";
...
TelephonyManager tm = (TelephonyManager)Context.getSystemService(Context.TELEPHONY_SERVICE);
String VERSION = tm.getDeviceSoftwareVersion();
...
NfcAdapter nfcAdapter = NfcAdapter.getDefaultAdapter(this);
if (nfcAdapter == null)
return;
String text = TAG + DATA_SPLITTER + VERSION;
NdefRecord record = new NdefRecord(NdefRecord.TNF_MIME_MEDIA,
MIME_TYPE.getBytes(), new byte[0], text.getBytes());
NdefRecord[] records = { record };
NdefMessage msg = new NdefMessage(records);
nfcAdapter.setNdefPushMessage(msg, this);
...
...
dirReader.readEntries(function(results){
...
}, function(error){
$("#myTextArea").val('There was a problem: ' + error);
});
...
Example 1, the leaked information could imply information about the type of operating system, the applications installed on the system, and the amount of care that the administrators have put into configuring the program.
protected fun doPost(req: HttpServletRequest, res: HttpServletResponse) {
...
val out: PrintWriter = res.getWriter()
try {
...
} catch (e: Exception) {
out.println(e.message)
}
}
Example 1, the leaked information could imply information about the type of operating system, the applications installed on the system, and the amount of care that the administrators have put into configuring the program.
...
try {
...
} catch (e: Exception) {
val exception = Log.getStackTraceString(e)
val intent = Intent()
intent.action = "SEND_EXCEPTION"
intent.putExtra("exception", exception)
view.context.sendBroadcast(intent)
}
...
...
companion object {
const val TAG = "NfcActivity"
private const val DATA_SPLITTER = "__:DATA:__"
private const val MIME_TYPE = "application/my.applications.mimetype"
}
...
val tm = Context.getSystemService(Context.TELEPHONY_SERVICE) as TelephonyManager
val VERSION = tm.getDeviceSoftwareVersion();
...
val nfcAdapter = NfcAdapter.getDefaultAdapter(this)
val text: String = "$TAG$DATA_SPLITTER$VERSION"
val record = NdefRecord(NdefRecord.TNF_MIME_MEDIA, MIME_TYPE.getBytes(), ByteArray(0), text.toByteArray())
val records = arrayOf(record)
val msg = NdefMessage(records)
nfcAdapter.setNdefPushMessage(msg, this)
...
NSString *deviceName = [[UIDevice currentDevice] name];
NSString *baseUrl = @"http://myserver.com/?dev=";
NSString *urlString = [baseUrl stringByAppendingString:deviceName];
NSURL *url = [NSURL URLWithString:urlString];
NSURLRequest* request = [NSURLRequest requestWithURL:url cachePolicy:NSURLRequestUseProtocolCachePolicy timeoutInterval:60.0];
NSError *err = nil;
NSURLResponse* response = nil;
NSData *data = [NSURLConnection sendSynchronousRequest:request returningResponse:&response error:&err];
<?php
...
echo "Server error! Printing the backtrace";
debug_print_backtrace();
...
?>
Example 1, the leaked information could imply information about the type of operating system, the applications installed on the system, and the amount of care that the administrators have put into configuring the program.PATH_INFO and SCRIPT_NAME to the page.
...
HTP.htmlOpen;
HTP.headOpen;
HTP.title ('Environment Information');
HTP.headClose;
HTP.bodyOpen;
HTP.br;
HTP.print('Path Information: ' ||
OWA_UTIL.get_cgi_env('PATH_INFO') || '');
HTP.print('Script Name: ' ||
OWA_UTIL.get_cgi_env('SCRIPT_NAME') || '');
HTP.br;
HTP.bodyClose;
HTP.htmlClose;
...
}
Example 1, the search path could imply information about the type of operating system, the applications installed on the system, and the amount of care that the administrators have put into configuring the program.
...
import cgi
cgi.print_environ()
...
Example 1, the leaked information could imply information about the type of operating system, the applications installed on the system, and the amount of care that the administrators have put into configuring the program.
response = Rack::Response.new
...
stacktrace = caller # Kernel#caller returns an array of the execution stack
...
response.finish do |res|
res.write "There was a problem: #{stacktrace}"
end
Example 1, the search path could imply information about the type of operating system, the applications installed on the system, and the amount of care that the administrators have put into configuring the program.
def doSomething() = Action { request =>
...
Ok(Html(Properties.osName)) as HTML
}
Example 1, the leaked information could imply information about the type of operating system, the applications installed on the system, and the amount of care that the administrators have put into configuring the program.
let deviceName = UIDevice.currentDevice().name
let urlString : String = "http://myserver.com/?dev=\(deviceName)"
let url : NSURL = NSURL(string:urlString)
let request : NSURLRequest = NSURLRequest(URL:url)
var err : NSError?
var response : NSURLResponse?
var data : NSData = NSURLConnection.sendSynchronousRequest(request, returningResponse: &response, error:&err)
Response output stream:
...
If Err.number <>0 then
Response.Write "An Error Has Occurred on this page!<BR>"
Response.Write "The Error Number is: " & Err.number & "<BR>"
Response.Write "The Description given is: " & Err.Description & "<BR>"
End If
...
Example 1, the leaked information could imply information about the type of operating system, the applications installed on the system, and the amount of care that the administrators have put into configuring the program.
<!-- TBD: this needs a security audit -->
<form method="POST" action="recalcOrbit">
...
Example 2: The following method will throw a
protected void doPost (HttpServletRequest req,
HttpServletResponse res)
throws IOException {
String ip = req.getRemoteAddr();
InetAddress addr = InetAddress.getByName(ip);
...
out.println("hello " + addr.getHostName());
}
NullPointerException if the parameter "name" is not part of the request.
protected void doPost (HttpServletRequest req,
HttpServletResponse res)
throws IOException {
String name = getParameter("name");
...
out.println("hello " + name.trim());
}
...
CALL FUNCTION 'FTP_VERSION'
...
IMPORTING
EXEPATH = p
VERSION = v
WORKING_DIR = dir
RFCPATH = rfcp
RFCVERSION = rfcv
TABLES
FTP_TRACE = FTP_TRACE.
WRITE: 'exepath: ', p, 'version: ', v, 'working_dir: ', dir, 'rfcpath: ', rfcp, 'rfcversion: ', rfcv.
...
try {
...
}
catch(e:Error) {
trace(e.getStackTrace());
}
Example 1, the search path could imply information about the type of operating system, the applications installed on the system, and the amount of care that the administrators have put into configuring the program.
try {
...
} catch (Exception e) {
System.Debug(LoggingLevel.ERROR, e.getMessage());
}
string cs="database=northwind;server=mySQLServer...";
SqlConnection conn=new SqlConnection(cs);
...
Console.Writeline(cs);
Example 1, the leaked information could imply information about the type of operating system, the applications installed on the system, and the amount of care that the administrators have put into configuring the program.
char* path = getenv("PATH");
...
fprintf(stderr, "cannot find exe on path %s\n", path);
Example 1, the search path could imply information about the type of operating system, the applications installed on the system, and the amount of care that the administrators have put into configuring the program.
...
EXEC CICS DUMP TRANSACTION
DUMPCODE('name')
FROM (data-area)
LENGTH (data-value)
END-EXEC.
...
<cfscript>
try {
obj = CreateObject("person");
}
catch(any excpt) {
f = FileOpen("c:\log.txt", "write");
FileWriteLine(f, "#excpt.Message#");
FileClose(f);
}
</cfscript>
final file = await File('example.txt').create();
final raf = await file.open(mode: FileMode.write);
final data = String.fromEnvironment("PASSWORD");
raf.writeString(data);
Example 1, the leaked information could imply information about the type of operating system, the applications installed on the system, and the amount of care that the administrators have put into configuring the program.
path := os.Getenv("PATH")
...
log.Printf("Cannot find exe on path %s\n", path)
Example 1, the search path could imply information about the type of operating system, the applications installed on the system, and the amount of care that the administrators have put into configuring the program.
protected void doPost (HttpServletRequest req, HttpServletResponse res) throws IOException {
...
PrintWriter out = res.getWriter();
try {
...
} catch (Exception e) {
out.println(e.getMessage());
}
}
Example 1, the leaked information could imply information about the type of operating system, the applications installed on the system, and the amount of care that the administrators have put into configuring the program.
...
try {
...
} catch (Exception e) {
String exception = Log.getStackTraceString(e);
Intent i = new Intent();
i.setAction("SEND_EXCEPTION");
i.putExtra("exception", exception);
view.getContext().sendBroadcast(i);
}
...
...
public static final String TAG = "NfcActivity";
private static final String DATA_SPLITTER = "__:DATA:__";
private static final String MIME_TYPE = "application/my.applications.mimetype";
...
TelephonyManager tm = (TelephonyManager)Context.getSystemService(Context.TELEPHONY_SERVICE);
String VERSION = tm.getDeviceSoftwareVersion();
...
NfcAdapter nfcAdapter = NfcAdapter.getDefaultAdapter(this);
if (nfcAdapter == null)
return;
String text = TAG + DATA_SPLITTER + VERSION;
NdefRecord record = new NdefRecord(NdefRecord.TNF_MIME_MEDIA,
MIME_TYPE.getBytes(), new byte[0], text.getBytes());
NdefRecord[] records = { record };
NdefMessage msg = new NdefMessage(records);
nfcAdapter.setNdefPushMessage(msg, this);
...
var http = require('http');
...
http.request(options, function(res){
...
}).on('error', function(e){
console.log('There was a problem with the request: ' + e);
});
...
Example 1, the leaked information could imply information about the type of operating system, the applications installed on the system, and the amount of care that the administrators have put into configuring the program.
try {
...
} catch (e: Exception) {
e.printStackTrace()
}
Example 1, the leaked information could imply information about the type of operating system, the applications installed on the system, and the amount of care that the administrators have put into configuring the program.
...
try {
...
} catch (e: Exception) {
Log.e(TAG, Log.getStackTraceString(e))
}
...
...
NSString* deviceID = [[UIDevice currentDevice] name];
NSLog(@"DeviceID: %@", deviceID);
...
deviceID entry to the list of user defaults, and stores them immediately to a plist file.
...
NSString* deviceID = [[UIDevice currentDevice] name];
[defaults setObject:deviceID forKey:@"deviceID"];
[defaults synchronize];
...
Example 2 stores system information from the mobile device in an unprotected plist file stored on the device. Although many developers trust plist files as a safe storage location for any and all data, it should not be trusted implicitly particularly when system information and privacy are a concern, since plist files could be read by anyone in possession of the device.
<?php
...
echo "Server error! Printing the backtrace";
debug_print_backtrace();
...
?>
Example 1, the leaked information could imply information about the type of operating system, the applications installed on the system, and the amount of care that the administrators have put into configuring the program.
try:
...
except:
print(sys.exc_info()[2])
Example 1, the leaked information could imply information about the type of operating system, the applications installed on the system, and the amount of care that the administrators have put into configuring the program.
...
begin
log = Logger.new(STDERR)
...
rescue Exception
log.info("Exception: " + $!)
...
end
Example 1, the leaked information could imply information about the type of operating system, the applications installed on the system, and the amount of care that the administrators have put into configuring the program. Of course, another problem with Example 1 is rescuing the root Exception instead of a specific type or error/exception, meaning it will catch all exceptions, potentially causing other unconsidered side effects.
...
println(Properties.osName)
...
Example 1, the leaked information could imply information about the type of operating system, the applications installed on the system, and the amount of care that the administrators have put into configuring the program.
let deviceName = UIDevice.currentDevice().name
...
NSLog("Device Identifier: %@", deviceName)
ASPError object to a script debugger, such as the Microsoft Script Debugger:
...
Debug.Write Server.GetLastError()
...
UDID key stores a Unique Device Identifier.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>systemName</key>
<string>John's iPhone</string>
<key>systemInfo</key>
<dict>
<key>UDID</key>
<string>2b6f0cc904d137be2e1730235f5664094b831186</string>
<key>systemVersion</key>
<string>4.2</string>
<key>model</key>
<string>iPhone</string>
<key>localizedModel</key>
<string>iPhone</string>
</dict>
</dict>
</plist>
Example 1 stores private user information from the mobile device in an unprotected plist file stored on the device. Although many developers trust plist files as a safe storage location for any and all data, it should not be trusted implicitly particularly when system information and privacy are a concern, since plist files could be read by anyone in possession of the device.EnableSensitiveDataLogging option to true which allows application data used in database commands to be included in logging and exception messages.
...
services.AddDbContext<ApplicationDbContext>(options => {
options.UseSqlServer(_configuration.GetConnectionString("ApplicationDbConnection"));
options.EnableSensitiveDataLogging(true);
});
...
log4j.properties file causes all queries to be logged at the info level.
...
log4j.logger.net.sf.hibernate.type=info
log4j.logger.net.sf.hibernate.tool.hbm2ddl=info
...
display_errors option is enabled, errors are displayed to the Web, which can illustrate potential weaknesses to an attacker. For example, a database error message can reveal that the application is vulnerable to a SQL injection attack. Other error messages can reveal more oblique clues about the system.expose_php option is enabled, every response produced by the PHP interpreter includes the version of PHP installed on the host system. Armed with the version of PHP running on the remote server, an attacker may enumerate the known exploits against the system, which can greatly lower the cost of mounting a successful attack.
app.get('/', function(req, res){
let param = req.params['template']
let val = req.params['templateVal']
let template = Handlebars.compile('{{user}}: {{' + param + '}}');
let templateInput = {}
templateInput['user'] = 'John'
templateInput[param] = val
let result = template(templateInput)
//...
});
Example 1 uses Handlebars as the template engine and user-controlled data is concatenated into the compiled template, which enables attackers to run arbitrary JavaScript.