CWE

Common Weakness Enumeration

A Community-Developed Dictionary of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors Common Weakness Scoring System
Common Weakness Risk Analysis Framework
Home > CWE List > CWE- Individual Dictionary Definition (2.6)  

Presentation Filter:

CWE-403: Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak')

 
Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak')
Weakness ID: 403 (Weakness Base)Status: Draft
+ Description

Description Summary

A process does not close sensitive file descriptors before invoking a child process, which allows the child to perform unauthorized I/O operations using those descriptors.

Extended Description

When a new process is forked or executed, the child process inherits any open file descriptors. When the child process has fewer privileges than the parent process, this might introduce a vulnerability if the child process can access the file descriptor but does not have the privileges to access the associated file.

+ Alternate Terms
File descriptor leak:

While this issue is frequently called a file descriptor leak, the "leak" term is often used in two different ways - exposure of a resource, or consumption of a resource. Use of this term could cause confusion.

+ Time of Introduction
  • Architecture and Design
  • Implementation
+ Applicable Platforms

Languages

All

Operating Systems

UNIX

+ Common Consequences
ScopeEffect
Confidentiality
Integrity

Technical Impact: Read application data; Modify application data

+ Observed Examples
ReferenceDescription
CVE-2003-0740Server leaks a privileged file descriptor, allowing the server to be hijacked.
CVE-2004-1033File descriptor leak allows read of restricted files.
CVE-2000-0094Access to restricted resource using modified file descriptor for stderr.
CVE-2002-0638Open file descriptor used as alternate channel in complex race condition.
CVE-2003-0489Program does not fully drop privileges after creating a file descriptor, which allows access to the descriptor via a separate vulnerability.
CVE-2003-0937User bypasses restrictions by obtaining a file descriptor then calling setuid program, which does not close the descriptor.
CVE-2004-2215Terminal manager does not properly close file descriptors, allowing attackers to access terminals of other users.
CVE-2006-5397Module opens a file for reading twice, allowing attackers to read files.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfWeakness ClassWeakness Class402Transmission of Private Resources into a New Sphere ('Resource Leak')
Development Concepts (primary)699
Research Concepts (primary)1000
ChildOfCategoryCategory634Weaknesses that Affect System Processes
Resource-specific Weaknesses (primary)631
ChildOfCategoryCategory743CERT C Secure Coding Section 09 - Input Output (FIO)
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ChildOfCategoryCategory877CERT C++ Secure Coding Section 09 - Input Output (FIO)
Weaknesses Addressed by the CERT C++ Secure Coding Standard (primary)868
ChildOfCategoryCategory895SFP Cluster: Information Leak
Software Fault Pattern (SFP) Clusters (primary)888
+ Affected Resources
  • System Process
  • File/Directory
+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
PLOVERUNIX file descriptor leak
CERT C Secure CodingFIO42-CEnsure files are properly closed when they are no longer needed
CERT C++ Secure CodingFIO42-CPPEnsure files are properly closed when they are no longer needed
+ References
Paul Roberts. "File descriptors and setuid applications". 2007-02-05. <https://blogs.oracle.com/paulr/entry/file_descriptors_and_setuid_applications>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
PLOVERExternally Mined
Modifications
Modification DateModifierOrganizationSource
2008-07-01Eric DalciCigitalExternal
updated Time_of_Introduction
2008-09-08CWE Content TeamMITREInternal
updated Applicable_Platforms, Relationships, Taxonomy_Mappings
2008-11-24CWE Content TeamMITREInternal
updated Affected_Resources, Observed_Examples, Relationships, Taxonomy_Mappings
2011-03-29CWE Content TeamMITREInternal
updated Name
2011-06-01CWE Content TeamMITREInternal
updated Common_Consequences
2011-06-27CWE Content TeamMITREInternal
updated Common_Consequences
2011-09-13CWE Content TeamMITREInternal
updated Relationships, Taxonomy_Mappings
2012-05-11CWE Content TeamMITREInternal
updated Relationships
2013-02-21CWE Content TeamMITREInternal
updated Alternate_Terms, Description, Name, Observed_Examples, References
Previous Entry Names
Change DatePrevious Entry Name
2011-03-29UNIX File Descriptor Leak
2013-02-21Exposure of File Descriptor to Unintended Control Sphere
Page Last Updated: February 18, 2014