Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remaining broken links #348

Closed
wants to merge 43 commits into from
Closed

Remaining broken links #348

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
43 commits
Select commit Hold shift + click to select a range
6583c88
added reference for APP-3
samz-cs Jul 25, 2022
888645d
added space before reference 309
samz-cs Jul 25, 2022
c71f898
Updated link for APP-14 [^70]
samz-cs Jul 26, 2022
e41e1df
Updated working link in [^71], for APP-5
samz-cs Jul 26, 2022
2c17658
test first hyperlink
samz-cs Jul 27, 2022
167c871
#314 change link for STA-20 [^211]
samz-cs Jul 27, 2022
56c69b5
Issue #313: [^156] ECO-22 reference link changed
samz-cs Jul 27, 2022
2b97fbd
Issue #312: [^46] PHY-1 reference link changed
samz-cs Jul 27, 2022
e4f76cf
#311: [^199] ECO-7 and ECO-8 link change
samz-cs Jul 27, 2022
4ef5cd8
#310: [^105] APP-31 link change
samz-cs Jul 27, 2022
7fa1e1b
#309: LPN-13 [^34] link change, new resource
samz-cs Jul 27, 2022
41765db
#309 update exploit example
samz-cs Jul 27, 2022
491caef
#308: [^202] STA-2 link change
samz-cs Jul 27, 2022
edc2d11
#314: STA-20 [^120] Link replaced
samz-cs Jul 27, 2022
50194dd
#317: LPN-5 [^27] link replaced
samz-cs Jul 27, 2022
f8a1726
#318: LPN-4 [^36] link replaced
samz-cs Jul 27, 2022
d39fe0e
changed one instance of [^250] and one instance of [^251] to [^309] a…
samz-cs Jul 27, 2022
b205134
changed correct reference numbers
samz-cs Jul 27, 2022
89b6a7c
#319: PAY-5 [^250] link changed
samz-cs Jul 28, 2022
a08d6cc
#320: PHY-3 [^146] link changed
samz-cs Jul 28, 2022
25da262
#321: PHY-2 and STA-42 [^143] [^144] link changed
samz-cs Jul 28, 2022
f987662
#322: ECO-0 [^193] link changed
samz-cs Jul 28, 2022
c00942b
#323: STA-40 [^S-Konstantaras-1] link changed
samz-cs Jul 28, 2022
90987d0
reverting commits that were meant for 316
samz-cs Jul 28, 2022
83a23ac
undo
samz-cs Jul 28, 2022
0430e3b
changed 323
samz-cs Jul 28, 2022
11ec693
mergeed
samz-cs Jul 28, 2022
f6a6272
revert to og nist-pages
samz-cs Aug 1, 2022
e19147f
added links for all except ^75
samz-cs Aug 2, 2022
e426f99
changed ^75 source
samz-cs Aug 2, 2022
3c06a62
changed ^75 source
samz-cs Aug 2, 2022
b1b67f7
undo ^75 change
samz-cs Aug 2, 2022
fc71112
typo fix, changed ^75 source
samz-cs Aug 2, 2022
f3e2d6b
change ^75 source
samz-cs Aug 2, 2022
a9319a4
Merge pull request #1 from samz-cs/Issues-#308-#314
samz-cs Aug 4, 2022
6e09c9c
Merge pull request #2 from samz-cs/Issues-#316-#323
samz-cs Aug 4, 2022
6c4b2b8
Merge pull request #3 from samz-cs/338
samz-cs Aug 4, 2022
f0ffa47
#326 : reference links for AUT-0
samz-cs Aug 4, 2022
0e676d5
changed exploit example
samz-cs Aug 4, 2022
419f4fb
#331
samz-cs Aug 4, 2022
6ef778a
#336
samz-cs Aug 4, 2022
c9337dc
#337
samz-cs Aug 4, 2022
a9d5344
Merge branch 'test-hyperlink' into remaining-broken-links
samz-cs Aug 4, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions _application-threats/APP-7.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,11 +2,11 @@
layout: threat
ThreatCategory: Vulnerable Applications
ID: APP-7
Threat: Data or Funcionality Exposed to Untrusted Apps
Threat: Data or Functionality Exposed to Untrusted Apps
ThreatDescription: Android apps can be designed to share data with other apps through a variety of mechanisms such as broadcast receivers, services, intents, and content providers. Some of these mechanisms permit the app developer to grant broader permissions to untrusted apps than intended. As a result, a malicious app may gain unauthorized access to sensitive functionality or data. The malicious app may further take advantage of the weak permission to exploit other vulnerabilities in the receiving app by sending it crafted input.
ThreatOrigin:
ExploitExample:
- eBay for Android Content Provider Injection Vulnerability [^75]
- 50 Ways to Leak Your Data: An Exploration of Apps’ Circumvention of the Android Permissions System [^75]
- Smishing Vulnerability in Multiple Android Platforms [^76]
- Android SMS Spoofer [^77]
- Content provider permission bypass allows malicious application to access data [^78]
Expand Down
10 changes: 2 additions & 8 deletions _authentication-threats/AUT-0.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,16 +3,10 @@ layout: threat
ThreatCategory: 'Authentication: User or Device to Remote Service'
ID: AUT-0
Threat: Use of Stolen Credentials
ThreatOrigin: 'Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Devices [^61]'
ThreatOrigin: 'Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Devices [^61]
ThreatDescription: Attackers able to steal authorized credentials could potentially login to sensitive services or devices, and gain unauthorized access to privileged information.
ExploitExample:
- CBS App & Mobility Website [^116]
- The Fork [^117]
- Star Q8 [^118]
- Corriere Della Sera App [^119]
- LaTribune [^120]
- Card Crypt [^121]
- Starbucks Caught Storing Mobile Passwords in Clear Text [^122]
- How malware steals autofill data from browsers [^116]
CVEExample:
PossibleCountermeasures:
Enterprise:
Expand Down
Loading