Tag Archives: CWE- 58

CWE-58 – Path Equivalence: Windows 8.3 Filename

Read Time:59 Second

Description

The software contains a protection mechanism that restricts access to a long filename on a Windows operating system, but the software does not properly restrict access to the equivalent short “8.3” filename.

On later Windows operating systems, a file can have a “long name” and a short name that is compatible with older Windows file systems, with up to 8 characters in the filename and 3 characters for the extension. These “8.3” filenames, therefore, act as an alternate name for files with long names, so they are useful pathname equivalence manipulations.

Modes of Introduction:

– Implementation

 

 

Related Weaknesses

CWE-41

 

Consequences

Confidentiality, Integrity: Read Files or Directories, Modify Files or Directories

 

Potential Mitigations

Phase: System Configuration

Description: 

Disable Windows from supporting 8.3 filenames by editing the Windows registry. Preventing 8.3 filenames will not remove previously generated 8.3 filenames.

CVE References

  • CVE-1999-0012
    • Multiple web servers allow restriction bypass using 8.3 names instead of long names
  • CVE-2005-0471
    • Multi-Factor Vulnerability. Product generates temporary filenames using long filenames, which become predictable in 8.3 format.