CAPEC-45: Buffer Overflow via Symbolic Links

Description
This type of attack leverages the use of symbolic links to cause buffer overflows. An adversary can try to create or manipulate a symbolic link file such that its contents result in out of bounds data. When the target software processes the symbolic link file, it could potentially overflow internal buffers with insufficient bounds checking.
Extended Description

The result is a window of opportunity for exploiting the product until the insecure component is discovered. This supply chain threat can result in the installation of malicious software or hardware that introduces widespread security vulnerabilities within an organization. Additionally, because software often depends upon a large number of interdependent libraries and components to be present, security holes can be introduced merely by installing Commercial off the Shelf (COTS) or Open Source Software (OSS) software that comes pre-packaged with the components required for it to operate. It is also worth noting that this attack can occur during initial product development or throughout a product's sustainment.

Severity :

High

Possibility :

High

Type :

Detailed
Relationships with other CAPECs

This table shows the other attack patterns and high level categories that are related to this attack pattern.

Prerequisites

This table shows the other attack patterns and high level categories that are related to this attack pattern.

  • The adversary can create symbolic link on the target host.
  • The target host does not perform correct boundary checking while consuming data from a resources.
Skills required

This table shows the other attack patterns and high level categories that are related to this attack pattern.

  • Low An adversary can simply overflow a buffer by inserting a long string into an adversary-modifiable injection vector. The result can be a DoS.
  • High Exploiting a buffer overflow to inject malicious code into the stack of a software system or even the heap can require a higher skill level.
Taxonomy mappings

Mappings to ATT&CK, OWASP and other frameworks.

Visit http://capec.mitre.org/ for more details.

© cvefeed.io
Latest DB Update: Dec. 24, 2024 3:46