CWE
Home > CWE List > CWE- Individual Dictionary Definition (1.6)  

CWE-36: Absolute Path Traversal

 
Absolute Path Traversal
Weakness ID: 36 (Weakness Base)Status: Draft
+ Description

Description Summary

The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly sanitize absolute path sequences such as "/abs/path" that can resolve to a location that is outside of that directory.

Extended Description

This allows attackers to traverse the file system to access files or directories that are outside of the restricted directory.

+ Time of Introduction
  • Architecture and Design
  • Implementation
+ Applicable Platforms

Languages

All

+ Demonstrative Examples

Example 1

In the example below, the path to a dictionary file is read from a system property and used to initialize a File object without having been sanitized. Ideally, the path should be resolved relative to some kind of application or user home directory.

(Bad Code)
Java
String filename = System.getProperty("com.domain.application.dictionaryFile");
File dictionaryFile = new File(filename);
+ Potential Mitigations
PhaseDescription

see "Path Traversal" (CWE-22)

+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfWeakness ClassWeakness Class22Path Traversal
Development Concepts (primary)699
Research Concepts (primary)1000
ParentOfWeakness VariantWeakness Variant37Path Traversal: '/absolute/pathname/here'
Development Concepts (primary)699
Research Concepts (primary)1000
ParentOfWeakness VariantWeakness Variant38Path Traversal: '\absolute\pathname\here'
Development Concepts (primary)699
Research Concepts (primary)1000
ParentOfWeakness VariantWeakness Variant39Path Traversal: 'C:dirname'
Development Concepts (primary)699
Research Concepts (primary)1000
ParentOfWeakness VariantWeakness Variant40Path Traversal: '\\UNC\share\name\' (Windows UNC Share)
Development Concepts (primary)699
Research Concepts (primary)1000
+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
PLOVERAbsolute Path Traversal
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
PLOVERExternally Mined
Modifications
Modification DateModifierOrganizationSource
2008-07-01Sean EidemillerCigitalExternal
added/updated demonstrative examples
2008-07-01Eric DalciCigitalExternal
updated Time of Introduction
2008-09-08CWE Content TeamMITREInternal
updated Relationships, Taxonomy Mappings
2008-10-14CWE Content TeamMITREInternal
updated Description
Page Last Updated: October 29, 2009