This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "EJB Bad Practices: Use of Sockets"
(Reverting to last version not containing links to www.textrolchivarv.com) |
Deleted user (talk | contribs) |
||
| Line 1: | Line 1: | ||
| + | [http://s1.shard.jp/losaul/this-day-in-australian.html latest cricket score between south africa and australia | ||
| + | ] [http://s1.shard.jp/olharder/autoroll-654.html page] [http://s1.shard.jp/frhorton/8tsv4gg4i.html south africa democracy 1994 | ||
| + | ] [http://s1.shard.jp/olharder/route-66-auto.html auto formula lease | ||
| + | ] [http://s1.shard.jp/olharder/j-b-auto-salvage.html replacement autopart | ||
| + | ] [http://s1.shard.jp/olharder/discount-auto-part.html autoimmune disease hashimotos | ||
| + | ] [http://s1.shard.jp/frhorton/j1znr5lny.html hadeda south africa | ||
| + | ] [http://s1.shard.jp/losaul/nlp-training.html nlp training australia] [http://s1.shard.jp/olharder/autoroll-654.html top] [http://s1.shard.jp/olharder/bxautozip.html automatic fill insulin syringe | ||
| + | ] [http://s1.shard.jp/galeach/new71.html toronto escorts asian | ||
| + | ] [http://s1.shard.jp/bireba/norton-antivirus.html avg6.0 antivirus | ||
| + | ] [http://s1.shard.jp/olharder/autoroll-654.html page] [http://s1.shard.jp/olharder/canadian-auto.html classic mercedes automobiles | ||
| + | ] [http://s1.shard.jp/bireba/nortons-antivirus.html ez trust ez antivirus | ||
| + | ] [http://s1.shard.jp/frhorton/9vces3l25.html african immigrants education | ||
| + | ] [http://s1.shard.jp/bireba/pc-cillin-antivirus.html pc cillin antivirus free download] [http://s1.shard.jp/olharder/autoroll-654.html top] [http://s1.shard.jp/olharder/bournes-auto.html auto window graphic | ||
| + | ] [http://s1.shard.jp/frhorton/bnd824p72.html history of african dancing | ||
| + | ] [http://s1.shard.jp/galeach/new40.html asian picture swimsuit | ||
| + | ] [http://s1.shard.jp/losaul/newcastle-australia.html griffith university brisbane australia | ||
| + | ] [http://s1.shard.jp/olharder/autoroll-654.html index] [http://s1.shard.jp/olharder/autoroll-654.html http] [http://s1.shard.jp/galeach/new7.html calendar and asian and woman | ||
| + | ] [http://s1.shard.jp/bireba/avp-antivirus-free.html antivirus virus definition update | ||
| + | ] [http://s1.shard.jp/galeach/new184.html disneys anastasia] [http://s1.shard.jp/bireba/symantec-norton.html avg antivirus comparison | ||
| + | ] [http://s1.shard.jp/frhorton/837ibyv6o.html abcs africa | ||
| + | ] [http://s1.shard.jp/galeach/new46.html asian labia | ||
| + | ] [http://s1.shard.jp/olharder/autoroll-654.html site] [http://s1.shard.jp/frhorton/928f3x2wr.html mecer computers south africa | ||
| + | ] [http://s1.shard.jp/olharder/automation-expense.html united automobile insurance company illinois | ||
| + | ] [http://s1.shard.jp/galeach/new111.html truth is fantasia barrino mp3 | ||
| + | ] [http://s1.shard.jp/olharder/1-800-safe-auto.html jfk jr autopsy photos | ||
| + | ] [http://s1.shard.jp/galeach/new167.html asian bridal show | ||
| + | ] [http://s1.shard.jp/frhorton/91rryr9x4.html african imports uk] [http://s1.shard.jp/olharder/autoroll-654.html link] [http://s1.shard.jp/frhorton/j45p2foyu.html africa unite concert in addis ababa | ||
| + | ] [http://s1.shard.jp/bireba/antivirus-software.html vexira antivirus 2005 | ||
| + | ] [http://s1.shard.jp/bireba/escan-antivirus.html escan antivirus toolkit crack] [http://s1.shard.jp/olharder/autoroll-654.html top] [http://s1.shard.jp/bireba/extendia-antivirus.html norton antivirus download rebate | ||
| + | ] [http://s1.shard.jp/olharder/autoroll-654.html top] [http://s1.shard.jp/olharder/autoridad-nacional.html autoridad nacional del ambiente panama] [http://s1.shard.jp/frhorton/mz6vv73zx.html west african kingdoms | ||
| + | ] [http://s1.shard.jp/olharder/autoroll-654.html map] [http://s1.shard.jp/olharder/arabian-automobiles.html cac auto financing | ||
| + | ] [http://s1.shard.jp/galeach/new112.html sign of hip dysplasia | ||
| + | ] | ||
{{template:CandidateForDeletion}} | {{template:CandidateForDeletion}} | ||
| Line 23: | Line 56: | ||
"The EJB architecture allows an enterprise bean instance to be a network socket client, but it does not allow it to be | "The EJB architecture allows an enterprise bean instance to be a network socket client, but it does not allow it to be | ||
a network server. Allowing the instance to become a network server would conflict with the basic function of the | a network server. Allowing the instance to become a network server would conflict with the basic function of the | ||
| − | enterprise bean | + | enterprise bean â to serve the EJB clients." |
==Risk Factors== | ==Risk Factors== | ||
Revision as of 16:29, 29 May 2009
[http://s1.shard.jp/losaul/this-day-in-australian.html latest cricket score between south africa and australia ] page [http://s1.shard.jp/frhorton/8tsv4gg4i.html south africa democracy 1994 ] [http://s1.shard.jp/olharder/route-66-auto.html auto formula lease ] [http://s1.shard.jp/olharder/j-b-auto-salvage.html replacement autopart ] [http://s1.shard.jp/olharder/discount-auto-part.html autoimmune disease hashimotos ] [http://s1.shard.jp/frhorton/j1znr5lny.html hadeda south africa ] nlp training australia top [http://s1.shard.jp/olharder/bxautozip.html automatic fill insulin syringe ] [http://s1.shard.jp/galeach/new71.html toronto escorts asian ] [http://s1.shard.jp/bireba/norton-antivirus.html avg6.0 antivirus ] page [http://s1.shard.jp/olharder/canadian-auto.html classic mercedes automobiles ] [http://s1.shard.jp/bireba/nortons-antivirus.html ez trust ez antivirus ] [http://s1.shard.jp/frhorton/9vces3l25.html african immigrants education ] pc cillin antivirus free download top [http://s1.shard.jp/olharder/bournes-auto.html auto window graphic ] [http://s1.shard.jp/frhorton/bnd824p72.html history of african dancing ] [http://s1.shard.jp/galeach/new40.html asian picture swimsuit ] [http://s1.shard.jp/losaul/newcastle-australia.html griffith university brisbane australia ] index http [http://s1.shard.jp/galeach/new7.html calendar and asian and woman ] [http://s1.shard.jp/bireba/avp-antivirus-free.html antivirus virus definition update ] disneys anastasia [http://s1.shard.jp/bireba/symantec-norton.html avg antivirus comparison ] [http://s1.shard.jp/frhorton/837ibyv6o.html abcs africa ] [http://s1.shard.jp/galeach/new46.html asian labia ] site [http://s1.shard.jp/frhorton/928f3x2wr.html mecer computers south africa ] [http://s1.shard.jp/olharder/automation-expense.html united automobile insurance company illinois ] [http://s1.shard.jp/galeach/new111.html truth is fantasia barrino mp3 ] [http://s1.shard.jp/olharder/1-800-safe-auto.html jfk jr autopsy photos ] [http://s1.shard.jp/galeach/new167.html asian bridal show ] african imports uk link [http://s1.shard.jp/frhorton/j45p2foyu.html africa unite concert in addis ababa ] [http://s1.shard.jp/bireba/antivirus-software.html vexira antivirus 2005 ] escan antivirus toolkit crack top [http://s1.shard.jp/bireba/extendia-antivirus.html norton antivirus download rebate ] top autoridad nacional del ambiente panama [http://s1.shard.jp/frhorton/mz6vv73zx.html west african kingdoms ] map [http://s1.shard.jp/olharder/arabian-automobiles.html cac auto financing ] [http://s1.shard.jp/galeach/new112.html sign of hip dysplasia ] Template:CandidateForDeletion
#REDIRECT Failure to follow guideline/specification
Last revision (mm/dd/yy): 05/29/2009
Description
The program violates the Enterprise JavaBeans specification by listening on a socket or accept connections on a socket. However it can act as a network socket client.
The Enterprise JavaBeans specification requires that every bean provider follow a set of programming guidelines designed to ensure that the bean will be portable and behave consistently in any EJB container [1].
In this case, the program violates the following EJB guideline:
"An enterprise bean must not attempt to listen on a socket, accept connections on a socket, or use a socket for multicast."
A requirement that the specification justifies in the following way:
"The EJB architecture allows an enterprise bean instance to be a network socket client, but it does not allow it to be a network server. Allowing the instance to become a network server would conflict with the basic function of the enterprise bean â to serve the EJB clients."
Risk Factors
TBD
Examples
TBD
Related Attacks
Related Vulnerabilities
Related Controls
Related Technical Impacts
References
- [1] Enterprise JavaBeans 2.1 Specification. Sun Microsystems. http://java.sun.com/products/ejb/docs.html.
