Deployment of Wrong Handler

Incomplete Base

Structure: Simple

Description

The wrong "handler" is assigned to process an object.

Extended Description

An example of deploying the wrong handler would be calling a servlet to reveal source code of a .JSP file, or automatically "determining" type of the object even if it is contradictory to an explicitly specified type.

Common Consequences 1

Scope: IntegrityOther

Impact: Varies by ContextUnexpected State

Potential Mitigations 2

Phase: Architecture and Design

Perform a type check before interpreting an object.

Phase: Architecture and Design

Reject any inconsistent types, such as a file with a .GIF extension that appears to consist of PHP code.

Observed Examples 4

CVE-2001-0004Source code disclosure via manipulated file extension that causes parsing by wrong DLL.

CVE-2002-0025Web browser does not properly handle the Content-Type header field, causing a different application to process the document.

CVE-2000-1052Source code disclosure by directly invoking a servlet.

CVE-2002-1742Arbitrary Perl functions can be loaded by calling a non-existent function that activates a handler.

References 1

The Art of Software Security Assessment

Mark Dowd, John McDonald, and Justin Schuh

Addison Wesley

2006

ID: REF-62

Applicable Platforms

Languages:

Not Language-Specific : Undetermined

Modes of Introduction

Implementation

Related Attack Patterns

11
ASP.NET Misconfiguration: Creating Debug Binary

Related Weaknesses

ChildOf:

Insufficient Control Flow Management (CWE-691)

CanPrecede:

Unparsed Raw Web Content Delivery (CWE-433)

PeerOf:

Unrestricted Upload of File with Dangerous Type (CWE-434)

Taxonomy Mapping

PLOVER