Home > CAPEC List > CAPEC-361: WASC-28 - Null Byte Injection (Version 3.0)  

CAPEC-361: WASC-28 - Null Byte Injection

Category ID: 361
 
Status: Draft
+ Summary
This category is related to the WASC Threat Classification 2.0 item Null Byte Injection
+ Membership
NatureTypeIDName
MemberOfViewView - A view in CAPEC represents a perspective with which one might look at the collection of attack patterns defined within CAPEC. There are three different types of views: graphs, explicit slices, and implicit slices.333WASC Threat Classification 2.0
HasMemberDetailed Attack PatternDetailed Attack Pattern - A detailed level attack pattern in CAPEC provides a low level of detail, typically leveraging a specific technique and targeting a specific technology, and expresses a complete execution flow. Detailed attack patterns are more specific than meta attack patterns and standard attack patterns and often require a specific protection mechanism to mitigate actual attacks. A detailed level attack pattern often will leverage a number of different standard level attack patterns chained together to accomplish a goal.52Embedding NULL Bytes
+ References
[REF-304] "WASC Threat Classification 2.0". WASC-28 - Null Byte Injection. The Web Application Security Consortium (WASC). 2010. <http://projects.webappsec.org/Null-Byte-Injection>.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-08-04CAPEC Content TeamThe MITRE Corporation
Updated Relationships

More information is available — Please select a different filter.
Page Last Updated or Reviewed: July 31, 2018