RESSPEC: Resource-Specific Nodes
|
ID: 117 | Name: Log Forging |
URL: http://cwe.mitre.org/data/definitions/117.html Writing unvalidated user input into log files can allow an attacker to forge log entries or inject malicious content into logs. |
|
ID: 141 | Name: Parameter Delimiter |
URL: http://cwe.mitre.org/data/definitions/141.html Parameter delimiters injected into an application can be used to compromise a system. As data is parsed, an injected/absent/malformed delimiter may cause the process to take unexpected actions that result in an attack. |
|
ID: 142 | Name: Value Delimiter |
URL: http://cwe.mitre.org/data/definitions/142.html Value delimiters injected into an application can be used to compromise a system. As data is parsed, an injected/absent/malformed delimiter may cause the process to take unexpected actions that result in an attack. |
|
ID: 143 | Name: Record Delimiter |
URL: http://cwe.mitre.org/data/definitions/143.html Record delimiters injected into an application can be used to compromise a system. As data is parsed, an injected/absent/malformed delimiter may cause the process to take unexpected actions that result in an attack. |
|
ID: 144 | Name: Line Delimiter |
URL: http://cwe.mitre.org/data/definitions/144.html Line delimiters injected into an application can be used to compromise a system. As data is parsed, an injected/absent/malformed delimiter may cause the process to take unexpected actions that result in an attack. |
|
ID: 145 | Name: Section Delimiter |
URL: http://cwe.mitre.org/data/definitions/145.html Section delimiters injected into an application can be used to compromise a system. As data is parsed, an injected/absent/malformed delimiter may cause the process to take unexpected actions that result in an attack. One example of a section delimiter is the boundary string in a multipart MIME message. In many cases, doubled line delimiters can serve as a section delimiter. |
|
ID: 146 | Name: Delimiter between Expressions or Commands |
URL: http://cwe.mitre.org/data/definitions/146.html Delimiters between expressions or commands injected into the software through input can be used to compromise a system. As data is parsed, an injected/absent/malformed delimiter may cause the process to take unexpected actions that result in an attack. |
|
ID: 200 | Name: Information Leak (information disclosure) |
URL: http://cwe.mitre.org/data/definitions/200.html An information leak is the intentional or unintentional disclosure of information that either (1) is regarded as sensitive within the product's own functionality, such as a private message, or (2) provides information about the product or its environment that could be useful in an attack but is normally not available to the attacker, such as the installation path of a product that is remotely accessible. Many information leaks are resultant (e.g. path disclosure in PHP script error), but they can also be primary (e.g. timing discrepancies in crypto). There are many different types of problems that involve information leaks. Their severity can range widely depending on the type of information that is leaked. In addition, information leaks are often resultant. |
|
ID: 209 | Name: Error Message Information Leaks |
URL: http://cwe.mitre.org/data/definitions/209.html Server messages need to be parsed before being passed on to the user. |
|
ID: 210 | Name: Product-Generated Error Message Information Leak |
URL: http://cwe.mitre.org/data/definitions/210.html The software identifies an error condition and creates its own diagnostic or error messages that contain sensitive information. |
|
ID: 211 | Name: Product-External Error Message Information Leak |
URL: http://cwe.mitre.org/data/definitions/211.html The software performs an operation that triggers a diagnostic or error message that is not under direct control of the product, e.g. an error generated by the programming language that the product uses. This is inherently a resultant vulnerability from a Weakness within the product or an interaction error. It might be controllable by configuration, e.g. in PHP error messages. |
|
ID: 212 | Name: Cross-Boundary Cleansing Information Leak |
URL: http://cwe.mitre.org/data/definitions/212.html The software does not properly remove sensitive data from a source when preparing it for, or transferring it to, an untrusted destination. For example, an internal IP address might be discovered. This discloses information about the IP addressing scheme of the internal network and can be valuable to attackers. |
|
ID: 214 | Name: Process Information Leak to Other Processes |
URL: http://cwe.mitre.org/data/definitions/214.html Certain information about a process could be obtained from other processes within the operating system, including arguments and environment variables. This can be an externally controlled infoleak, but some protective mechanisms may exist that could make it internally controlled. |
|
ID: 215 | Name: Information Leak Through Debug Information |
URL: http://cwe.mitre.org/data/definitions/215.html |
|
ID: 312 | Name: Plaintext Storage of Sensitive Information |
URL: http://cwe.mitre.org/data/definitions/312.html |
|
ID: 313 | Name: Plaintext Storage in File or on Disk |
URL: http://cwe.mitre.org/data/definitions/313.html Storing sensitive data in plaintext makes the data more easily accessible than if encrypted. This significantly lowers the difficulty of exploitation by attackers. |
|
ID: 314 | Name: Plaintext Storage in Registry |
URL: http://cwe.mitre.org/data/definitions/314.html Storing sensitive data in plaintext makes the data more easily accessible than if encrypted. This significantly lowers the difficulty of exploitation by attackers. |
|
ID: 315 | Name: Plaintext Storage in Cookie |
URL: http://cwe.mitre.org/data/definitions/315.html Storing sensitive data in plaintext makes the data more easily accessible than if encrypted. This significantly lowers the difficulty of exploitation by attackers. |
|
ID: 316 | Name: Plaintext Storage in Memory |
URL: http://cwe.mitre.org/data/definitions/316.html Storing sensitive data in plaintext makes the data more easily accessible than if encrypted. This significantly lowers the difficulty of exploitation by attackers. |
|
ID: 317 | Name: Plaintext Storage in GUI |
URL: http://cwe.mitre.org/data/definitions/317.html Storing sensitive data in plaintext makes the data more easily accessible than if encrypted. This significantly lowers the difficulty of exploitation by attackers. |
|
ID: 318 | Name: Plaintext Storage in Executable |
URL: http://cwe.mitre.org/data/definitions/318.html Sensitive information should not be stored in plaintext in an executable. Attackers can reverse engineer a binary code to obtain secret data. |
|
ID: 528 | Name: Information Leak Through Core Dump Files |
URL: http://cwe.mitre.org/data/definitions/528.html A core dump file left in a directory can lead to system information exposure - maybe even logins. |
|
ID: 529 | Name: Information Leak Through Access Control List Files |
URL: http://cwe.mitre.org/data/definitions/529.html These files allow the attacker to know the setup of the security Access Control Lists. This will give the attacker information that may allow the attacker to bypass the security of the site. |
|
ID: 530 | Name: Information Leak Through Backup (.~bk) Files |
URL: http://cwe.mitre.org/data/definitions/530.html Often, old files are renamed with an extension such as .~bk to distinguish them from production files. The source code for old files that have been renamed in this manner and left in the webroot can often be retrieved. At a minimum, an attacker who retrieves this file would have all the information contained in it, whether that be database calls, the format of parameters accepted by the application, or simply information regarding the architectural structure of your site. |
|
ID: 531 | Name: Information Leak Through Test Code |
URL: http://cwe.mitre.org/data/definitions/531.html Accessible test applications can pose a variety of security risks. Since developers or administrators rarely consider that someone besides themselves would even know about the existence of these applications, it is common for them to include sensitive information or functions in them. |
|
ID: 532 | Name: Information Leak Through Log Files |
URL: http://cwe.mitre.org/data/definitions/532.html Information written to log files can be of a sensitive nature and give valuable guidance to an attacker. |
|
ID: 533 | Name: Information Leak Through Server Log Files |
URL: http://cwe.mitre.org/data/definitions/533.html A server.log file was found. This can give information on whatever application left the file. Usually this can give full path names and system information, and sometimes usernames and passwords. |
|
ID: 534 | Name: Information Leak Through Debug Log Files |
URL: http://cwe.mitre.org/data/definitions/534.html The debug log file can be accessed from the web. |
|
ID: 535 | Name: Information Leak Through Shell Error Message |
URL: http://cwe.mitre.org/data/definitions/535.html A command shell error message indicates that there exists an unhandled exception in the web application code. In many cases, an attacker can leverage the conditions that cause these errors in order to gain unauthorized access to the system. |
|
ID: 536 | Name: Information Leak Through Servlet Runtime Error Message |
URL: http://cwe.mitre.org/data/definitions/536.html A servlet error message indicates that there exists an unhandled exception in your web application code. In many cases, an attacker can leverage the conditions that cause these errors in order to gain unauthorized access to the system. The error message may contain the location of the file in which the offending function is located. This may disclose the webroot's absolute path as well as give the attacker the location of application include files or configuration information. It may even disclose the portion of code that failed. |
|
ID: 538 | Name: File and Directory Information Leaks |
URL: http://cwe.mitre.org/data/definitions/538.html |
|
ID: 539 | Name: Information Leak Through Persistent Cookies |
URL: http://cwe.mitre.org/data/definitions/539.html Persistent cookies are cookies that are stored on the browser's hard drive. This can cause security and privacy issues depending on the information stored in the cookie and how it is accessed. |
|
ID: 540 | Name: Information Leak Through Source Code |
URL: http://cwe.mitre.org/data/definitions/540.html There are situations where it is critical to remove source code from an area or server. For example, obtaining Perl source code on a system allows an attacker to view the logic of the script and extract extremely useful information such as code bugs or logins and passwords. |
|
ID: 541 | Name: Information Leak Through Include Source Code |
URL: http://cwe.mitre.org/data/definitions/541.html If an include file source is accessible, the file can contain usernames and passwords, as well as sensitive information pertaining to the application and system. |
|
ID: 542 | Name: Information Leak Through Cleanup Log Files |
URL: http://cwe.mitre.org/data/definitions/542.html A cleanup log file is accessible over the internet. |
|
ID: 549 | Name: Missing Password Field Masking |
URL: http://cwe.mitre.org/data/definitions/549.html The software fails to mask passwords during entry, increasing the potential for attackers to observe and capture passwords. |
|
ID: 598 | Name: Information Leak Through GET Request |
URL: http://cwe.mitre.org/data/definitions/598.html An area of the web application that possibly contains sensitive information or access to privileged functionality such as remote site administration functionality utilizes query strings to pass information between pages. Information in query strings is directly visible to the end user via the browser interface, which can cause security issues. |