This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP Periodic Table of Vulnerabilities - Path Traversal"

Older revision: (Posting on behalf of Rajat)
Latest revision: m (minor edit)
(One intermediate revision by the same user not shown)

Changes from the older revision (-) to the latest revision (+); unchanged wikitext is shown without a prefix.

[[OWASP_Periodic_Table_of_Vulnerabilities#Periodic_Table_of_Vulnerabilities|Return to Periodic Table Working View]]

== Path Traversal ==

=== Root Cause Summary ===
- File resources are accessed using user-supplied data, allowing a malicious user to access files that he/she is not authorized to access.
+ File resources are accessed using references constructed from user-supplied data, allowing a malicious user to access files outside the web root that were not intended to be exposed.

=== Browser / Standards Solution ===
- <browser/standards solutions here>
+ None

=== Perimeter Solution ===
- · Canonicalize URLs and prevent directory access outside the web root.
+ Perimeter and platform technologies should canonicalize all URLs and path references, replacing relative paths with absolute paths wherever possible.
+ The platform should be deployed with permissions that prevent the web server process from accessing files outside the web root.

=== Generic Framework Solution ===
- · Provide safe libraries for accessing the file system that canonicalize path references and enforce proper access control.
- · Provide a method that can compare the canonicalized path to a whitelist of paths that can be accessed by the user of the application for a given access level of the application.
- · Provide safe methods that do not let the file extension of the intended resource be tampered with via the input.
- · Input validation to remove “..” from the user supplied data.
+ The framework should provide safe libraries for accessing the file system that canonicalize path references, enforce proper access control, and prevent direct access to the filesystem. The libraries should have the following features:
+ * Canonicalization of file and path names, properly transforming null bytes and relative paths before all other processing takes place
+ * A configuration-based whitelist of directories that are allowed to be accessed by the application
+ * A role-based access control list to further limit access to whitelisted directories
+ * A configuration-based whitelist of file extensions that may be accessed

=== Custom Framework Solution ===
- <custom framework solutions here>
+ None

=== Custom Code Solution ===
- <custom code solutions here>
+ None

=== Discussion / Controversy ===
- <discussion / controversy tracking here>
+ None

=== References ===
+ [[Path Traversal]]<BR>
- http://en.wikipedia.org/wiki/Directory_traversal_attack
+ [http://projects.webappsec.org/w/page/13246952/Path%20Traversal Path Traversal (WASC)]<BR>
+ [http://cwe.mitre.org/data/definitions/22.html Path Traversal (CWE)]<BR>

Latest revision as of 17:55, 23 July 2013

Return to Periodic Table Working View

Path Traversal

Root Cause Summary

File resources are accessed using references constructed from user-supplied data without canonicalization or a containment check, allowing a malicious user to reach files outside the web root (or outside the directory the application intended to serve) that were never meant to be exposed.

Browser / Standards Solution

None

Perimeter Solution

Perimeter and platform technologies (reverse proxies, web servers, application containers) should canonicalize all URLs and path references before routing them: decode the path exactly once and replace relative paths with absolute paths wherever possible, so that encoded or nested ".." segments never reach the application.

The platform should be deployed under least privilege: the web server process runs as a dedicated, unprivileged account whose filesystem access is limited to the web root and the files it actually needs, with no read access to application secrets or other data outside the web root. Mechanisms such as chroot, containers, or mandatory access control profiles can enforce this boundary even when the application's own checks fail, turning a traversal bug into a denied read rather than a disclosure.

Generic Framework Solution

The framework should provide safe libraries for accessing the file system that canonicalize path references, enforce proper access control, and are the only route from application code to the filesystem (no direct open() on a user-influenced path). The libraries should have the following features:

  • Canonicalization of file and path names before any other processing takes place: decode the input exactly once, reject embedded null bytes outright rather than transforming them (a null byte truncates the path in C-based runtimes and defeats a later extension check), and resolve ".", ".." and symbolic links so that the containment check operates on the real path
  • A configuration-based whitelist of directories that are allowed to be accessed by the application; the canonicalized path must resolve to a location inside one of them, and a plain prefix comparison is not enough because "/srv/public2" shares the prefix "/srv/public"
  • A role-based access control list to further limit which whitelisted directories each role may reach
  • A configuration-based whitelist of file extensions that may be accessed, checked against the canonicalized path rather than the raw input
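The following is an added example, not code from OWASP or from this page, showing one way to implement the four framework features above together with the canonicalization the perimeter section asks for. The directory aliases, whitelists, role table and helper names (ALLOWED_DIRS, ROLE_ACL, safe_read and so on) are assumptions for the illustration, and the sample web root is constructed in a temporary directory so the block runs offline. It also contrasts the canonicalize-then-contain approach with the single-pass blacklist filter (strip "../") that an earlier revision of this page recommended.

```python
import os
import tempfile
from urllib.parse import unquote

# --- Constructed sample deployment (not a real site): a temporary web root
# with two served directories and a secret that lives outside them.
ROOT = os.path.realpath(tempfile.mkdtemp())
os.makedirs(os.path.join(ROOT, "public", "css"))
os.makedirs(os.path.join(ROOT, "downloads"))
for rel, data in {"public/index.html": b"<h1>hi</h1>",
                  "downloads/report.pdf": b"%PDF-1.4",
                  "downloads/notes.txt": b"draft",
                  "secret.key": b"private"}.items():
    with open(os.path.join(ROOT, *rel.split("/")), "wb") as fh:
        fh.write(data)

# --- Configuration-based whitelists (assumed names for this illustration).
ALLOWED_DIRS = {"public": os.path.join(ROOT, "public"),
                "downloads": os.path.join(ROOT, "downloads")}
ALLOWED_EXTS = {".html", ".css", ".pdf"}
# Role-based ACL: which roles may read which whitelisted directory aliases.
ROLE_ACL = {"anonymous": {"public"}, "subscriber": {"public", "downloads"}}


class AccessDenied(Exception):
    """Raised for any request that fails a check; the caller answers 403/404."""


def canonical_target(alias: str, user_path: str) -> str:
    """Canonicalize before any other processing.

    Decode percent-encoding exactly once (assumes the caller passes the raw
    path segment; if the server already decoded it, drop the unquote), reject
    embedded null bytes instead of 'transforming' them, then resolve '.', '..'
    and symlinks with realpath so the containment test sees the real file.
    """
    user_path = unquote(user_path)
    if "\x00" in user_path:
        raise AccessDenied("null byte in path")
    base = ALLOWED_DIRS.get(alias)
    if base is None:
        raise AccessDenied("directory not whitelisted")
    base = os.path.realpath(base)
    target = os.path.realpath(os.path.join(base, user_path.lstrip("/\\")))
    # Containment: the resolved path must lie inside the whitelisted directory.
    # commonpath (not startswith) avoids the '/srv/public' vs '/srv/public2' bug.
    if os.path.commonpath([base, target]) != base:
        raise AccessDenied("path escapes whitelisted directory")
    return target


def safe_read(role: str, alias: str, user_path: str) -> bytes:
    """Role ACL, directory whitelist (via alias), canonicalization, extension
    whitelist, and only then the actual filesystem access."""
    if alias not in ROLE_ACL.get(role, set()):
        raise AccessDenied("role may not access this directory")
    target = canonical_target(alias, user_path)
    if os.path.splitext(target)[1].lower() not in ALLOWED_EXTS:
        raise AccessDenied("file extension not whitelisted")
    with open(target, "rb") as fh:
        return fh.read()


def naive_strip(user_path: str) -> str:
    """The blacklist approach (strip '../' once) for comparison: a single pass
    turns '....//' into '../', so the traversal survives the filter."""
    return user_path.replace("../", "")


def demo() -> dict:
    """Run the helper over a constructed set of requests and collect outcomes."""
    results = {
        "ok": safe_read("anonymous", "public", "index.html") == b"<h1>hi</h1>",
        "subscriber_pdf": safe_read("subscriber", "downloads", "report.pdf") == b"%PDF-1.4",
    }
    attempts = {
        "traversal": ("anonymous", "public", "../secret.key"),
        "nested_traversal": ("anonymous", "public", "css/../../secret.key"),
        "encoded_traversal": ("anonymous", "public", "%2e%2e%2fsecret.key"),
        "null_byte": ("anonymous", "public", "index.html%00.jpg"),
        "bad_ext": ("subscriber", "downloads", "notes.txt"),
        "role": ("anonymous", "downloads", "report.pdf"),
    }
    for name, (role, alias, path) in attempts.items():
        try:
            safe_read(role, alias, path)
            results[name] = "allowed"
        except AccessDenied as exc:
            results[name] = str(exc)
    results["naive_bypass"] = naive_strip("....//secret.key")
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The order of checks matters: the role and directory decisions are made on the alias the application chose, never on the user's string, and the extension check runs on the canonicalized target so that a null byte or an appended ".jpg" cannot disguise the real file. The naive_strip function is there only to show why the blacklist approach fails; it should not be used.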

Custom Framework Solution

None

Custom Code Solution

None

Discussion / Controversy

None

References

Path Traversal (OWASP wiki)
Path Traversal (WASC): http://projects.webappsec.org/w/page/13246952/Path%20Traversal
CWE-22: Path Traversal (MITRE): http://cwe.mitre.org/data/definitions/22.html