CWE-69

Improper Handling of Windows ::DATA Alternate Data Stream

AI Translation Available

The product does not properly prevent access to, or detect usage of, alternate data streams (ADS).

Status

incomplete

Abstraction

variant

Affected Platforms

Extended Description

AI Translation

An attacker can use an ADS to hide information about a file (e.g. size, the name of the process) from a system or file browser tools such as Windows Explorer and 'dir' at the command line utility. Alternately, the attacker might be able to bypass intended access restrictions for the associated data fork.

Technical Details

AI Translation

Common Consequences

access control non-repudiation other

Impacts

bypass protection mechanism hide activities other

Detection Methods

automated analysis

Potential Mitigations

Phases:

implementation

Descriptions:

• Ensure that the source code correctly parses the filename to read or write to the correct stream.

Functional Areas

file processing

AI Generated Translation

Common Consequences

controllo degli accessi non-ripudio altro

Impacts

elusione del meccanismo di protezione nascondere attività altro

Detection Methods

analisi automatizzata

Potential Mitigations

Phases:

implementazione

Descriptions:

• Assicurarsi che il codice sorgente analizzi correttamente il nome del file per leggere o scrivere sul flusso corretto.

Functional Areas

elaborazione file

CWE-69

Common Consequences

Impacts

Detection Methods

Potential Mitigations

Functional Areas

Common Consequences

Impacts

Detection Methods

Potential Mitigations

Functional Areas

Iscriviti alla newsletter