Structure: Simple
Abstraction: Base
Status: Draft
Likelihood of Exploit: Unknown
The software does not properly "clean up" and remove temporary or supporting resources after they have been used.
Nature | CWE ID | View ID | Ordinal |
---|---|---|---|
ChildOf | 404 | 1000 | Primary |
ChildOf | 404 | 1003 | Primary |
Language: Language-Independent (Prevalence: Undetermined)
Scope | Impact | Notes |
---|---|---|
Other, Confidentiality, Integrity | Other, Read Application Data, Modify Application Data, DoS: Resource Consumption (Other) | It is possible to overflow the number of temporary files because directories typically have limits on the number of files allowed. This could create a denial of service problem. |
Strategy:
Temporary files and other supporting resources should be deleted or released immediately after they are no longer needed.
Stream resources in a Java application should be released in a finally block; otherwise, an exception thrown before the call to close() leaves the I/O resource unreleased. In the example below, close() is called inside the try block (incorrect).
bad Java
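The following is an added illustration of the pattern just described, not the CWE entry's own demonstrative code: the leaky form with close() inside the try block, the corrected form releasing in finally, and the try-with-resources form. The class name, method names and the file path are placeholders chosen for this example.

```java
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;

// Added example for CWE-459 (Incomplete Cleanup) in Java; names and the
// file path are placeholders, not values from the CWE entry.
public class StreamCleanup {

    // BAD: close() is inside the try block. If read() throws, control jumps
    // to the catch clause and close() never runs, so the descriptor leaks.
    static int countBytesLeaky(String path) throws IOException {
        InputStream in = new FileInputStream(path);
        try {
            int n = 0;
            while (in.read() != -1) n++;
            in.close();   // skipped whenever read() throws: the stream leaks
            return n;
        } catch (IOException e) {
            throw new IOException("read failed: " + path, e); // 'in' still open
        }
    }

    // GOOD: release in finally, which runs on return and on exception alike.
    static int countBytesFinally(String path) throws IOException {
        InputStream in = new FileInputStream(path);
        try {
            int n = 0;
            while (in.read() != -1) n++;
            return n;
        } finally {
            in.close();   // note: if close() itself throws, it replaces
        }                 // any exception already in flight from the try block
    }

    // GOOD (Java 7+): try-with-resources closes on every exit path, and a
    // failure in close() is attached to the primary exception as suppressed.
    static int countBytesTwr(String path) throws IOException {
        try (InputStream in = new FileInputStream(path)) {
            int n = 0;
            while (in.read() != -1) n++;
            return n;
        }
    }

    public static void main(String[] args) throws IOException {
        String path = args.length > 0 ? args[0] : "placeholder.txt"; // placeholder
        System.out.println(countBytesTwr(path));
    }
}
```

Static analyzers and resource-leak detectors typically flag the first method because a path exists on which the stream goes out of scope without close() being invoked.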
Identifier | Description | Link |
---|---|---|
CVE-2000-0552 | World-readable temporary file not deleted after use. | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0552 |
CVE-2005-2293 | Temporary file not deleted after use, leaking database usernames and passwords. | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2293 |
CVE-2002-0788 | Interaction error creates a temporary file that can not be deleted due to strong permissions. | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0788 |
CVE-2002-2066 | Alternate data streams for NTFS files are not cleared when files are wiped (alternate channel / infoleak). | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2066 |
CVE-2002-2067 | Alternate data streams for NTFS files are not cleared when files are wiped (alternate channel / infoleak). | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2067 |
CVE-2002-2068 | Alternate data streams for NTFS files are not cleared when files are wiped (alternate channel / infoleak). | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2068 |
CVE-2002-2069 | Alternate data streams for NTFS files are not cleared when files are wiped (alternate channel / infoleak). | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2069 |
CVE-2002-2070 | Alternate data streams for NTFS files are not cleared when files are wiped (alternate channel / infoleak). | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2070 |
CVE-2005-1744 | Users not logged out when application is restarted after security-relevant changes were made. | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1744 |
Relationship: CWE-459 is a child of CWE-404 because, while CWE-404 covers any type of improper shutdown or release of a resource, CWE-459 deals specifically with a multi-step shutdown process in which a crucial step for "proper" cleanup is omitted or impossible. That is, CWE-459 deals specifically with a cleanup or shutdown process that does not successfully remove all potentially sensitive data.
Relationship: Overlaps other categories such as permissions and containment. Concept needs further development. This could be primary (e.g. leading to infoleak) or resultant (e.g. resulting from unhandled error conditions or early termination).
Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name |
---|---|---|---|
PLOVER | | | Incomplete Cleanup |
OWASP Top Ten 2004 | A10 | CWE More Specific | Insecure Configuration Management |
CERT C Secure Coding | FIO42-C | CWE More Abstract | Close files when they are no longer needed |
CERT C Secure Coding | MEM31-C | CWE More Abstract | Free dynamically allocated memory when no longer needed |
The CERT Oracle Secure Coding Standard for Java (2011) | FIO04-J | | Release resources when they are no longer needed |
The CERT Oracle Secure Coding Standard for Java (2011) | FIO00-J | | Do not operate on files in shared directories |
Software Fault Patterns | SFP14 | | Failure to release resource |