Difference between revisions of "Directory Restriction Error"
|Line 19:||Line 19:|
Revision as of 11:08, 9 June 2006
This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.
The application fails to enforce the intended restricted directory access policy. By using relative paths or other path traversal attack mechanisms, an attacker can access unauthorized files outside the restricted directory. Examples:
- Improper use of the chroot() system call may allow attackers to access files that are outside the new root directory therefore breaks the intended access control policy.
Attackers try to access unauthorized files, such as password files or configuration files.