CAPEC-75 - Manipulating Writeable Configuration Files

Generally these are manually edited files that are not within the purview of the system administrators; any ability on the attacker's behalf to modify these files, for example in a CVS repository, gives unauthorized access directly to the application, the same as authorized users.

  • Attack Methods: Modification of Resources
  • Purposes: Exploitation
  • Scopes: Gain privileges / assume identity; Authorization; Access Control; Confidentiality

Skills required, medium level: to identify vulnerable configuration files, understand how to manipulate servers, and erase forensic evidence

Prerequisite: configuration files must be modifiable by the attacker

Design: Enforce principle of least privilege

Design: Backup copies of all configuration files

Implementation: Integrity monitoring for configuration files

Implementation: Enforce audit logging on code and configuration promotion procedures

Implementation: Load configuration from a separate process and memory space, for example from a separate physical device such as a CD
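The least-privilege and integrity-monitoring mitigations above can be checked mechanically. The script below is an added example, not part of the CAPEC entry: it records a SHA-256 digest and the permission bits of each configuration file as a baseline, then reports files whose content changed, whose permissions changed, or that are writable by group or other (the condition that makes the prerequisite above hold). The file name `app.conf` and its contents are constructed for the demonstration.

```python
"""Baseline-and-verify integrity check for configuration files.

Added example, not CAPEC text. It records a SHA-256 digest and the
permission bits of each config file, then reports files whose content
changed, whose permissions changed, or that are writable by group/other.
"""
import hashlib
import stat
import tempfile
from pathlib import Path


def _digest(path: Path) -> str:
    """SHA-256 of the file contents, read in chunks."""
    h = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(paths):
    """Record digest and mode bits for each config file (the trusted state)."""
    baseline = {}
    for p in map(Path, paths):
        st = p.stat()
        baseline[str(p)] = {"sha256": _digest(p), "mode": stat.S_IMODE(st.st_mode)}
    return baseline


def check_integrity(baseline):
    """Compare the current state to the baseline; return (path, finding) pairs."""
    findings = []
    for name, expected in baseline.items():
        p = Path(name)
        if not p.exists():
            findings.append((name, "missing"))
            continue
        mode = stat.S_IMODE(p.stat().st_mode)
        if _digest(p) != expected["sha256"]:
            findings.append((name, "content changed"))
        if mode != expected["mode"]:
            findings.append((name, "permissions changed"))
        # least-privilege check: a config file should not be group/world writable
        if mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append((name, "writable by group or other"))
    return findings


def demo():
    """Constructed scenario: one config file, a baseline, then an unauthorized edit."""
    with tempfile.TemporaryDirectory() as d:
        cfg = Path(d) / "app.conf"          # constructed sample config file
        cfg.write_text("admin_users = alice\n")
        cfg.chmod(0o640)
        baseline = build_baseline([cfg])
        clean = check_integrity(baseline)   # expected: no findings
        # simulate a tampering edit plus a loosened permission
        cfg.write_text("admin_users = alice, mallory\n")
        cfg.chmod(0o666)
        tampered = check_integrity(baseline)
    return clean, tampered


if __name__ == "__main__":
    before, after = demo()
    print("clean run:", before)
    print("after tampering:", after)
```

In practice the baseline would be written to a location the application cannot modify and re-verified on a schedule or before each configuration load, so that a change made outside the audited promotion procedure is noticed rather than silently trusted.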