
CAPEC-67: String Format Overflow in syslog()

Abstraction: Detailed
Status: Draft
Likelihood: High
Severity: Very High

Description

This attack targets applications and software that use the syslog() function insecurely. If an application does not explicitly use a format string parameter in a call to syslog(), user input can be placed in the format string parameter, leading to a format string injection attack. Adversaries can then inject malicious format string commands into the function call, leading to a buffer overflow. There are many reported software vulnerabilities with the root cause being a misuse of the syslog() function.
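The call pattern described above next to its hardened form, as an added example that is not part of the CAPEC entry. The function names and the sample input are hypothetical, and snprintf() stands in for syslog() where the result needs to be inspected, since both take a printf-style format.

```c
#include <stdio.h>
#include <string.h>
#include <syslog.h>

/* VULNERABLE pattern from the description, kept in a comment so it is never
 * compiled: the untrusted text itself is the format argument.
 *
 *     syslog(LOG_WARNING, untrusted);
 */

/* Hardened call: the format is a constant and the untrusted text is only
 * ever passed as the argument consumed by "%s". */
void log_untrusted(int priority, const char *untrusted)
{
    syslog(priority, "%s", untrusted);
}

/* Same rule applied to snprintf() so the output can be checked: directives
 * in the input are copied verbatim and the copy is bounded by cap.
 * Returns snprintf()'s result (length the full text would need). */
int render_untrusted(char *out, size_t cap, const char *untrusted)
{
    return snprintf(out, cap, "%s", untrusted);
}

/* Audit helper (hypothetical): counts '%' sequences that a printf-style
 * function would treat as conversion specifications if s were used as the
 * format. "%%" is a literal percent sign and is not counted. */
int count_format_directives(const char *s)
{
    int n = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') {      /* escaped percent, skip both characters */
            s++;
            continue;
        }
        n++;
    }
    return n;
}

int main(void)
{
    const char *sample = "login failed for %x%x%n";   /* constructed input */
    char buf[64];
    render_untrusted(buf, sizeof buf, sample);
    printf("%d directive(s); logged verbatim as: %s\n",
           count_format_directives(sample), buf);
    log_untrusted(LOG_WARNING, sample);
    return 0;
}
```

GCC and Clang report the commented-out pattern when built with -Wformat-security, which makes it a useful build-time check for existing syslog() call sites.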

Related weaknesses · 6

CWE-120, CWE-134, CWE-74, CWE-20, CWE-680, CWE-697

Related attack patterns · 2

CAPEC-100 (ChildOf), CAPEC-135 (ChildOf)

Exploits · 6

| Type | Target | Confidence | Tier |
| --- | --- | --- | --- |
| Weakness | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') (cwe-74) | 100% | live |
| Weakness | Improper Input Validation (cwe-20) | 100% | live |
| Weakness | Integer Overflow to Buffer Overflow (cwe-680) | 100% | live |
| Weakness | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (cwe-120) | 100% | live |
| Weakness | Use of Externally-Controlled Format String (cwe-134) | 100% | live |
| Weakness | Incorrect Comparison (cwe-697) | 100% | live |

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC: Format String Injection
CAPEC: Overflow Buffers
CAPEC: Buffer Overflow via Parameter Expansion
CAPEC: Log Injection-Tampering-Forging
CAPEC: Overflow Variables and Tags
CAPEC: Filter Failure through Buffer Overflow
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.