alpine 3.7
access weakness #38


Weakness Breakdown


An access weakness occurs when software does not properly implement permissions that could have unintended consequences if exploited by malicious actors. An example of this weakness is when a default username and password are set by the developer but do not get changed by the system administrator.

Warning code(s):

If this call fails, the program could fail to drop heightened privileges.

File Name:



The highlighted line of code below is the trigger point of this particular Alpine 3.7 access weakness.


 * ImpersonateSelf [ADVAPI32.@]
 * Makes an impersonation token that represents the process user and assigns
 * to the current thread.
 *  ImpersonationLevel [I] Level at which to impersonate.
 *  Success: TRUE.
 *  Failure: FALSE.
ImpersonateSelf(SECURITY_IMPERSONATION_LEVEL ImpersonationLevel)
    return set_ntstatus( RtlImpersonateSelf( ImpersonationLevel ) );

 * ImpersonateLoggedOnUser [ADVAPI32.@]
BOOL WINAPI ImpersonateLoggedOnUser(HANDLE hToken)
    DWORD size;
    NTSTATUS Status;
    HANDLE ImpersonationToken;
    TOKEN_TYPE Type;
    static BOOL warn = TRUE;

    if (warn)
        FIXME( "(%p)\n", hToken );
        warn = FALSE;
    if (!GetTokenInformation( hToken, TokenType, &Type,
                              sizeof(TOKEN_TYPE), &size ))
        return FALSE;

    if (Type == TokenPrimary)
        OBJECT_ATTRIBUTES ObjectAttributes;

        InitializeObjectAttributes( &ObjectAttributes, NULL, 0, NULL, NULL );

        Status = NtDuplicateToken( hToken,
                                   TOKEN_IMPERSONATE | TOKEN_QUERY,

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.