CWE-69: Improper Handling of Windows ::DATA Alternate Data Stream
CWE版本: 4.18
更新日期: 2025-09-09
弱点描述
The product does not properly prevent access to, or detect usage of, alternate data streams (ADS).
扩展描述
An attacker can use an ADS to hide information about a file (e.g. size, the name of the process) from a system or file browser tools such as Windows Explorer and 'dir' at the command line utility. Alternately, the attacker might be able to bypass intended access restrictions for the associated data fork.
常见后果
影响范围: Access Control Non-Repudiation Other
技术影响: Bypass Protection Mechanism Hide Activities Other
潜在缓解措施
阶段: Testing
描述: Software tools are capable of finding ADSs on your system.
阶段: Implementation
描述: Ensure that the source code correctly parses the filename to read or write to the correct stream.
观察示例
参考: CVE-1999-0278
In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL.
参考: CVE-2000-0927
Product does not properly record file sizes if they are stored in alternative data streams, which allows users to bypass quota restrictions.
引入模式
| 阶段 | 说明 |
|---|---|
| Implementation | - |
适用平台
编程语言
操作系统
分类映射
| 分类名称 | 条目ID | 条目名称 | 映射适配度 |
|---|---|---|---|
| PLOVER | - | Windows ::DATA alternate data stream | - |