CAPEC 29 Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions

Draft Standard High Risk

Severity High

Description

This attack targets a race condition occurring between the time of check (state) for a resource and the time of use of a resource. A typical example is file access. The adversary can leverage a file access race condition by \'running the race\', meaning that they would modify the resource between the first time the target program accesses the file and the time the target program uses the file. During that period of time, the adversary could replace or modify the file, causing the application to behave unexpectedly.

Attack Execution Flow

Step 1

Explore

The adversary explores to gauge what level of access they have.

Step 2

Experiment

The adversary confirms access to a resource on the target host. The adversary confirms ability to modify the targeted resource.

Step 3

Exploit

The adversary decides to leverage the race condition by 'running the race', meaning that they would modify the resource between the first time the target program accesses the file and the time the target program uses the file. During that period of time, the adversary can replace the resource and cause an escalation of privilege.

Mitigations

Consequences

Security Scopes Affected

Access Control Authorization Availability Confidentiality Integrity

Potential Impacts

Alter Execution Logic Gain Privileges Modify Data Read Data Resource Consumption

CAPEC 29 Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions

Description

Attack Execution Flow

Step 1

Step 2

Step 3

Mitigations

Be Aware That Improper Use Of Access Function Calls Such As Chown(), Tempfile(), Chmod(), Etc. Can Cause A Race Condition.

Pay Attention To Concurrency Problems Related To The Access Of Resources.

Use Safe Libraries To Access Resources Such As Files.

Use Static Analysis Tools To Find Race Conditions.

Use Synchronization To Control The Flow Of Execution.

Consequences

Security Scopes Affected

Potential Impacts

Relationships

Parent CAPECs

Child CAPECs

CAPEC 29 Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions

Description

Attack Execution Flow

Step 1

Step 2

Step 3

Mitigations

Be Aware That Improper Use Of Access Function Calls Such As Chown(), Tempfile(), Chmod(), Etc. Can Cause A Race Condition.

Pay Attention To Concurrency Problems Related To The Access Of Resources.

Use Safe Libraries To Access Resources Such As Files.

Use Static Analysis Tools To Find Race Conditions.

Use Synchronization To Control The Flow Of Execution.

Consequences

Security Scopes Affected

Potential Impacts

Relationships

Parent CAPECs

Child CAPECs

Iscriviti alla newsletter