CWE-403 将文件描述符暴露给不受控制的范围(文件描述符泄露)

admin 2022年1月5日20:59:11CWE(弱点枚举)评论20 views2442字阅读8分8秒阅读模式

CWE-403 将文件描述符暴露给不受控制的范围(文件描述符泄露)

Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak')

结构: Simple

Abstraction: Base

状态: Draft

被利用可能性: unkown

基本描述

A process does not close sensitive file descriptors before invoking a child process, which allows the child to perform unauthorized I/O operations using those descriptors.

扩展描述

When a new process is forked or executed, the child process inherits any open file descriptors. When the child process has fewer privileges than the parent process, this might introduce a vulnerability if the child process can access the file descriptor but does not have the privileges to access the associated file.

相关缺陷

  • cwe_Nature: ChildOf cwe_CWE_ID: 402 cwe_View_ID: 1000 cwe_Ordinal: Primary

  • cwe_Nature: ChildOf cwe_CWE_ID: 402 cwe_View_ID: 699 cwe_Ordinal: Primary

适用平台

Language: {'cwe_Class': 'Language-Independent', 'cwe_Prevalence': 'Undetermined'}

Operating_System: {'cwe_Class': 'Unix', 'cwe_Prevalence': 'Undetermined'}

常见的影响

范围 影响 注释
['Confidentiality', 'Integrity'] ['Read Application Data', 'Modify Application Data']

分析过的案例

标识 说明 链接
CVE-2003-0740 Server leaks a privileged file descriptor, allowing the server to be hijacked. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0740
CVE-2004-1033 File descriptor leak allows read of restricted files. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1033
CVE-2000-0094 Access to restricted resource using modified file descriptor for stderr. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0094
CVE-2002-0638 Open file descriptor used as alternate channel in complex race condition. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0638
CVE-2003-0489 Program does not fully drop privileges after creating a file descriptor, which allows access to the descriptor via a separate vulnerability. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0489
CVE-2003-0937 User bypasses restrictions by obtaining a file descriptor then calling setuid program, which does not close the descriptor. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0937
CVE-2004-2215 Terminal manager does not properly close file descriptors, allowing attackers to access terminals of other users. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2215
CVE-2006-5397 Module opens a file for reading twice, allowing attackers to read files. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5397

分类映射

映射的分类名 ImNode ID Fit Mapped Node Name
PLOVER UNIX file descriptor leak
CERT C Secure Coding FIO42-C Ensure files are properly closed when they are no longer needed
Software Fault Patterns SFP23 Exposed Data

引用

文章来源于互联网:scap中文网

特别标注: 本站(CN-SEC.COM)所有文章仅供技术研究,若将其信息做其他用途,由用户承担全部法律及连带责任,本站不承担任何法律及连带责任,请遵守中华人民共和国安全法.
  • 我的微信
  • 微信扫一扫
  • weinxin
  • 我的微信公众号
  • 微信扫一扫
  • weinxin
admin
  • 本文由 发表于 2022年1月5日20:59:11
  • 转载请保留本文链接(CN-SEC中文网:感谢原作者辛苦付出):
                  CWE-403 将文件描述符暴露给不受控制的范围(文件描述符泄露) http://cn-sec.com/archives/612866.html

发表评论

匿名网友 填写信息

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: