|
Status: Incomplete Weakness ID: 71 (Weakness Variant)Description Summary Software operating in a MAC OS environment, where .DS_Store is in effect, must carefully manage hard links, otherwise an attacker may be able to leverage a hard link from .DS_Store to overwrite arbitrary files and gain privileges. Observed Examples
Research Gaps Under-studied Relationships
Taxonomy Mappings
Applicable Platforms Languages All Time of Introduction Architecture and Design Implementation OperationMaintenance Notes This entry, which originated from PLOVER, probably stems from a common manipulation that is used to exploit symlink and hard link following weaknesses, like /etc/passwd is often used for UNIX-based exploits. As such, it is probably too low-level for inclusion in CWE. Content History Submissions PLOVER. (Externally Mined) Modifications Eric Dalci. Cigital. 2008-07-01. (External) updated Time_of_Introduction CWE Content Team. MITRE. 2008-09-08. (Internal) updated Relationships, Taxonomy_Mappings CWE Content Team. MITRE. 2008-10-14. (Internal) updated Maintenance_Notes |
|
|
|||