Covert Storage ChannelID: 515 | Date: (C)2012-05-14 (M)2022-10-10 |
Type: weakness | Status: INCOMPLETE |
Abstraction Type: Base |
Description
A covert storage channel transfers information through the
setting of bits by one program and the reading of those bits by another. What
distinguishes this case from that of ordinary operation is that the bits are
used to convey encoded information.
Extended DescriptionCovert storage channels occur when out-of-band data is stored in messages
for the purpose of memory reuse. Covert channels are frequently classified
as either storage or timing channels. Examples would include using a file
intended to hold only audit information to convey user passwords--using the
name of a file or perhaps status bits associated with it that can be read by
all users to signal the contents of the file. Steganography, concealing
information in such a manner that no one but the intended recipient knows of
the existence of the message, is a good example of a covert storage
channel.
Likelihood of Exploit: High
Applicable PlatformsNone
Time Of Introduction
Common Consequences
Scope | Technical Impact | Notes |
---|
Confidentiality | Read application
data | Covert storage channels may provide attackers with important
information about the system in question. |
IntegrityConfidentiality | Read application
data | If these messages or packets are sent with unnecessary data contained
within, it may tip off malicious listeners as to the process that
created the message. With this information, attackers may learn any
number of things, including the hardware platform, operating system, or
algorithms used by the sender. This information can be of significant
value to the user in launching further attacks. |
Detection MethodsNone
Potential Mitigations
Phase | Strategy | Description | Effectiveness | Notes |
---|
Implementation | | Ensure that all reserved fields are set to zero before messages are
sent and that no unnecessary information is included. | | |
Relationships
Related CWE | Type | View | Chain |
---|
CWE-515 ChildOf CWE-904 | Category | CWE-888 | |
Demonstrative Examples (Details)
- An excellent example of covert storage channels in a well known
application is the ICMP error message echoing functionality. Due to
ambiguities in the ICMP RFC, many IP implementations use the memory within
the packet for storage or calculation. For this reason, certain fields of
certain packets -- such as ICMP error packets which echo back parts of
received messages -- may contain flaws or extra information which betrays
information about the identity of the target operating system. This
information is then used to build up evidence to decide the environment of
the target. This is the first crucial step in determining if a given system
is vulnerable to a particular flaw and what changes must be made to
malicious code to mount a successful attack.
White Box Definitions None
Black Box Definitions None
Taxynomy Mappings
Taxynomy | Id | Name | Fit |
---|
Landwehr | | Storage | |
CLASP | | Covert storage channel | |
References:None