An attacker uses path manipulation methods to exploit
insufficient input validation of a target to obtain access to data that should
be not be retrievable by ordinary well formed requests. A typical variety of
this attack involves specifiying a path to a desired file together with
dot-dot-slash characters, resulting in the file access API or function
traversing out of the intended directory structure and into the root file
system. By replacing or modifying the expected path information the access
function or API retrieves the file desired by the attacker.These attacks either
involve the attacker providing a complete path to a targeted file or using
control characters (e.g. path separators (/ or \) and/or dots (.)) to reach
desired directories or files.
Attack Prerequisites
The attacker must be able to control the path that is requested of the
target.
The target must fail to adequately sanitize incoming paths
Resources Required
The ability to manually manipulate path information either directly through a
client application relative to the service or application or via a proxy
application.
Vision and Technical Leadership provided by Cigital, Inc.
This Web site is hosted by The MITRE Corporation.
Copyright 2009, The MITRE Corporation. CAPEC and the CAPEC logo are trademarks of The MITRE Corporation.
Description
