Detailedlikelihood: Highseverity: HighDraft

CAPEC-52Embedding NULL Bytes

Abstraction
Detailed
Status
Draft
Likelihood
High
Severity
High

Description

An adversary embeds one or more null bytes in input to the target software. This attack relies on the usage of a null-valued byte as a string terminator in many environments. The goal is for certain components of the target software to stop processing the input when it encounters the null byte(s). Metadata: detailed CAPEC pattern, status draft, likelihood high, severity high. Underlying weaknesses: CWE-158, CWE-172, CWE-173, CWE-74, CWE-20 (and 2 more). Related CAPEC pattern: [object Object].

Related weaknesses· 7

CWE-158CWE-172CWE-173CWE-74CWE-20CWE-697CWE-707

Related attack patterns· 1

CAPEC-267 (ChildOf)

Exploits7

TypeTargetConfidenceTier
WeaknessImproper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')cwe-74100%live
WeaknessIncorrect Comparisoncwe-697100%live
WeaknessImproper Handling of Alternate Encodingcwe-173100%live
WeaknessImproper Neutralizationcwe-707100%live
WeaknessImproper Input Validationcwe-20100%live
WeaknessImproper Neutralization of Null Byte or NUL Charactercwe-158100%live
WeaknessEncoding Errorcwe-172100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Postfix, Null Terminate, and Backslash
CAPEC
Overflow Buffers
CAPEC
Buffer Overflow via Parameter Expansion
CAPEC
Overread Buffers
CAPEC
Buffer Manipulation
CAPEC
Input Data Manipulation
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.