The product constructs pathnames from user input, but it does not handle or incorrectly handles a pathname containing a Windows device name such as AUX or CON. This typically leads to denial of service or an information exposure when the application attempts to process the pathname as a regular file.
View on MITRENot properly handling virtual filenames (e.g. AUX, CON, PRN, COM1, LPT1) can result in different types of vulnerabilities. In some cases an attacker can request a device via injection of a virtual filename in a URL, which may cause an error that leads to a denial of service or an error page that reveals sensitive information. A product that allows device names to bypass filtering runs the risk of an attacker injecting malicious code in a file with the name of a device.
Be familiar with the device names in the operating system where your system is deployed. Check input for these device names.
No detection method information available for this CWE.
Server allows remote attackers to cause a denial of service via a series of requests to .JSP files that contain an MS-DOS device name.
View DetailsServer allows remote attackers to cause a denial of service via an HTTP request for an MS-DOS device name.
View DetailsProduct allows remote attackers to use MS-DOS device names in HTTP requests to cause a denial of service or obtain the physical path of the server.
View DetailsServer allows remote attackers to cause a denial of service via a URL that contains an MS-DOS device name.
View DetailsServer allows a remote attacker to create a denial of service via a URL request which includes a MS-DOS device name.
View DetailsMicrosoft Windows 9x operating systems allow an attacker to cause a denial of service via a pathname that includes file device names, aka the "DOS Device in Path Name" vulnerability.
View DetailsServer allows remote attackers to determine the physical path of the server via a URL containing MS-DOS device names.
View DetailsProduct does not properly handle files whose names contain reserved MS-DOS device names, which can allow malicious code to bypass detection when it is installed, copied, or executed.
View DetailsServer allows remote attackers to cause a denial of service (application crash) via a URL with a filename containing a .cgi extension and an MS-DOS device name.
View DetailsNo relationship information available for this CWE.
CWE-67: Improper Handling of Windows Device Names is a Common Weakness Enumeration (CWE) entry maintained by MITRE. The product constructs pathnames from user input, but it does not handle or incorrectly handles a pathname containing a Windows device name such as AUX or CON. This typically leads to denial of service or an information exposure when the application attempts to process the pathname as a regular file. Not properly handling virtual filenames (e.g. AUX, CON, PRN, COM1, LPT1) can result in different types of vulnerabilities. In some cases an attacker can request a device via injection of a virtual filename in a URL, which may cause an error that leads to a denial of service or an error page that reveals sensitive information. A product that allows device names to bypass filtering runs the risk of an attacker injecting malicious code in a file with the name of a device.
If exploited, CWE-67 (Improper Handling of Windows Device Names) it can compromise Availability, Confidentiality and Other, leading to outcomes such as DoS: Crash, Exit, or Restart, Read Application Data and Other.
Recommended mitigations for CWE-67 include: Be familiar with the device names in the operating system where your system is deployed. Check input for these device names.
CWE-67 commonly affects Not Language-Specific. Note that weaknesses are often language-agnostic patterns, so secure coding practices apply broadly.
MITRE documents real CVEs mapped to CWE-67, including CVE-2002-0106, CVE-2002-0200, CVE-2002-1052, CVE-2001-0493 and CVE-2001-0558. You can look up the full details of each CVE, including CVSS scores and remediation guidance, on our CVE Lookup tool.
A CWE (Common Weakness Enumeration) like CWE-67 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.