CWE-541 通过包含源代码导致的信息暴露
Information Exposure Through Include Source Code
结构: Simple
Abstraction: Variant
状态: Incomplete
被利用可能性: unkown
基本描述
If an include file source is accessible, the file can contain usernames and passwords, as well as sensitive information pertaining to the application and system.
相关缺陷
-
cwe_Nature: ChildOf cwe_CWE_ID: 540 cwe_View_ID: 1000 cwe_Ordinal: Primary
-
cwe_Nature: ChildOf cwe_CWE_ID: 540 cwe_View_ID: 699 cwe_Ordinal: Primary
常见的影响
| 范围 | 影响 | 注释 |
|---|---|---|
| Confidentiality | Read Application Data |
可能的缓解方案
Architecture and Design
策略:
Do not store sensitive information in include files.
['Architecture and Design', 'System Configuration']
策略:
Protect include files from being exposed.
示例代码
例
The following code uses an include file to store database credentials:
database.inc
bad PHP
$dbName = 'usersDB';
$dbPassword = 'skjdh#67nkjd3$3$';
?>
login.php
bad PHP
include('database.inc');
$db = connectToDB($dbName, $dbPassword);
$db.authenticateUser($username, $password);
?>
If the server does not have an explicit handler set for .inc files it may send the contents of database.inc to an attacker without pre-processing, if the attacker requests the file directly. This will expose the database name and password. Note this is also an example of CWE-433.