Exception Management

From Guidance Share

Jump to: navigation, search

Contents

[edit]

Description

Exceptions that are allowed to propagate to the client can reveal internal implementatiodetails that make no sense to the end user but are useful to attackers. Applications thatdo not use exception handling or implement it poorly are also subject to denial of servicattacks.


[edit]

Vulnerabilities

  • Revealing sensitive data
  • Lack of exception handling


[edit]

Attacks

  • Attacker Reveals Implementation Details
  • Denial of Service


[edit]

Countermeasures

Countermeasures to prevent Exception Management issues include:

Retrieved from "http://www.guidanceshare.com/wiki/Exception_Management"
Personal tools