Improper Handling of Apple HFS+ Alternate Data Stream Path
Description
The software does not properly handle special paths that may identify the data or resource fork of a file on the HFS+ file system.

Extended Description
If the software chooses actions to take based on the file name, then if an attacker provides the data or resource fork, the software may take unexpected actions. Further, if the software intends to restrict access to a file, then an attacker might still be able to bypass intended access restrictions by requesting the data or resource fork for that file.

Applicable Platforms
Language Class: All
Operating System Class: Mac OS

Time Of Introduction
Common Consequences
Detection Methods
None

Potential Mitigations
None

Relationships
Demonstrative Examples (Details)

Observed Examples
White Box Definitions
None

Black Box Definitions
None

Taxonomy Mappings
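The name-based decision described under Extended Description, shown as an added example that is not part of the original entry: a check that looks only at the last path component, next to a hardened check that rejects fork-addressing paths before applying the same policy. It assumes the macOS `..namedfork` path component as the way a fork is addressed (the entry does not name it); the blocked-extension policy, function names and sample paths are hypothetical.

```python
import posixpath

NAMED_FORK = "..namedfork"               # assumed macOS fork-addressing component
BLOCKED_EXTENSIONS = {".plist", ".key"}  # hypothetical policy for this example


def naive_is_allowed(request_path):
    """Decide on the last path component only, as the weakness describes."""
    ext = posixpath.splitext(posixpath.basename(request_path))[1].lower()
    return ext not in BLOCKED_EXTENSIONS


def strip_fork(request_path):
    """Return (base_path, fork_name); fork_name is None for an ordinary path."""
    parts = request_path.split("/")
    for i, part in enumerate(parts):
        # Compared case-insensitively as a conservative choice for the defender.
        if part.lower() == NAMED_FORK:
            fork = parts[i + 1].lower() if i + 1 < len(parts) else ""
            return "/".join(parts[:i]), fork
    return request_path, None


def hardened_is_allowed(request_path):
    """Reject any fork-addressing path, then check the real file name."""
    base, fork = strip_fork(request_path)
    if fork is not None:
        return False  # this service has no legitimate need for fork paths
    return naive_is_allowed(base)


# Constructed sample requests.
SAMPLES = [
    "docs/readme.txt",
    "conf/secrets.plist",
    "conf/secrets.plist/..namedfork/data",
    "conf/secrets.plist/..NamedFork/rsrc",
]


def compare(paths=SAMPLES):
    """Return (path, naive_decision, hardened_decision) for each path."""
    return [(p, naive_is_allowed(p), hardened_is_allowed(p)) for p in paths]


if __name__ == "__main__":
    for path, naive, hardened in compare():
        print(f"{path!r:45} naive={naive!s:5} hardened={hardened}")
```

The same pattern applies to logging and routing decisions: resolve the request to the underlying file name first, then decide.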