CWE-62 - UNIX Hard Link - Cyber Security News

Read Time:1 Minute, 39 Second

Description

The software, when opening a file or directory, does not sufficiently account for when the name is associated with a hard link to a target that is outside of the intended control sphere. This could allow an attacker to cause the software to operate on unauthorized files.

Failure for a system to check for hard links can result in vulnerability to different types of attacks. For example, an attacker can escalate their privileges if a file used by a privileged program is replaced with a hard link to a sensitive file (e.g. /etc/passwd). When the process opens the file, the attacker can assume the privileges of that process.

Modes of Introduction:

– Implementation

Related Weaknesses

CWE-59

Consequences

Confidentiality, Integrity: Read Files or Directories, Modify Files or Directories

Potential Mitigations

Phase: Architecture and Design

Description:

CVE References

CVE-2001-1494
- Hard link attack, file overwrite; interesting because program checks against soft links

CVE-2002-0793
- Hard link and possibly symbolic link following vulnerabilities in embedded operating system allow local users to overwrite arbitrary files.

CVE-2003-0578
- Server creates hard links and unlinks files as root, which allows local users to gain privileges by deleting and overwriting arbitrary files.

CVE-1999-0783
- Operating system allows local users to conduct a denial of service by creating a hard link from a device special file to a file on an NFS file system.

CVE-2004-1603
- Web hosting manager follows hard links, which allows local users to read or modify arbitrary files.

CVE-2004-1901
- Package listing system allows local users to overwrite arbitrary files via a hard link attack on the lockfiles.

CVE-2005-0342
- The Finder in Mac OS X and earlier allows local users to overwrite arbitrary files and gain privileges by creating a hard link from the .DS_Store file to an arbitrary file.

CVE-2005-1111
- Hard link race condition

BUGTRAQ:20030203 ASA-0001
- OpenBSD chpass/chfn/chsh file content leak

InCVE-2001-1494, CWE- 62, UNIX Hard Link

Cyber Security News

NCSC Expands Election Cybersecurity to Safeguard Candidates and Officials

How To Spot A Fake Facebook Account

Google Expands Synthetic Content Watermarking Tool to AI-Generated Text

Santander Customer Data Compromised Following Third-Party Breach

Current Market Forces Disincentivizing Cybersecurity, Says NCSC CTO

Expanding Horizons: LevelBlue Enhances MSSP Offerings with Government Cloud Support

A Third of CISOs Have Been Dismissed “Out of Hand” By the Board

Microsoft Fixes Three Zero-Days in May Patch Tuesday

Patch Tuesday, May 2024 Edition

CWE-62 – UNIX Hard Link

Description

Related Weaknesses

Consequences

Potential Mitigations

CVE References

The Most Dangerous Vulnerabilities in Apache Tomcat and How to Protect Against Them

ZDI-CAN-18333: A Critical Zero-Day Vulnerability in Microsoft Windows

CWE-669 – Incorrect Resource Transfer Between Spheres

CWE-67 – Improper Handling of Windows Device Names

CWE-670 – Always-Incorrect Control Flow Implementation

CWE-671 – Lack of Administrator Control over Security