centos 6
access weakness #19

4

Weakness Breakdown


Definition:

An access weakness occurs when software does not properly implement permissions that could have unintended consequences if exploited by malicious actors. An example of this weakness is when a default username and password are set by the developer but do not get changed by the system administrator.

Warning code(s):

If this call fails, the program could fail to drop heightened privileges.

File Name:

mvapich-1.2rc1/non-psm/mpid/nt_server/winmpd/mpd/mapdrive.cpp

Context:

The highlighted line of code below is the trigger point of this particular Centos 6 access weakness.

 
    while (p)
    {
	if (p->pszDrive[0] == pszDrive[0])
	{
	    if (p->nRefCount > 1)
	    {
		p->nRefCount--;
		return true;
	    }
	    hUser = p->hUser;
	    break;
	}
	p = p->pNext;
    }
    if (hUser == NULL)
    {
	strcpy(pszError, "Drive not previously mapped with map call.");
	return false;
    }

    if (bImpersonate)
    {
	WaitForSingleObject(g_hLaunchMutex, 10000);
	ImpersonateLoggedOnUser(hUser);
    }

    if (p->bUnmap)
    {
	dwResult = WNetCancelConnection2(pszDriveLetter, 
	    CONNECT_UPDATE_PROFILE, // This option makes sure that the connection is not re-established at the next user logon
	    TRUE);
    }
    else
	dwResult = NO_ERROR;

    if (bImpersonate)
    {
	RevertToSelf();
	ReleaseMutex(g_hLaunchMutex);
    }

    if (dwResult == NO_ERROR)
    {
	RemoveDriveStruct(pszDriveLetter);
	return true;
    }

    switch (dwResult)
    { 

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.