Alpine 3.6
access weakness #36

4

Weakness Breakdown


Definition:

An access weakness occurs when software does not properly implement permissions, which could have unintended consequences if exploited by malicious actors. An example of this weakness is a default username and password that the developer sets and the system administrator never changes.

Warning code(s):

If this call fails, the program could fail to drop heightened privileges.

File Name:

wine/src/wine-2.0.1/include/sspi.h

Context:

The highlighted line of code below is the trigger point of this particular Alpine 3.6 access weakness.

typedef struct _SecPkgContext_TargetInformation
{
    ULONG          MarshalledTargetInfoLength;
    unsigned char *MarshalledTargetInfo;
} SecPkgContext_TargetInformation, *PSecPkgContext_TargetInformation;

typedef struct _SecPkgContext_AuthzID
{
    ULONG  AuthzIDLength;
    char  *AuthzID;
} SecPkgContext_AuthzID, *PSecPkgContext_AuthzID;

typedef struct _SecPkgContext_Target
{
    ULONG  TargetLength;
    char  *Target;
} SecPkgContext_Target, *PSecPkgContext_Target;

typedef struct _SecPkgContext_Bindings
{
    ULONG BindingsLength;
    SEC_CHANNEL_BINDINGS *Bindings;
} SecPkgContext_Bindings, *PSecPkgContext_Bindings;

SECURITY_STATUS SEC_ENTRY ImpersonateSecurityContext(PCtxtHandle phContext);

typedef SECURITY_STATUS (SEC_ENTRY *IMPERSONATE_SECURITY_CONTEXT_FN)
 (PCtxtHandle);

SECURITY_STATUS SEC_ENTRY RevertSecurityContext(PCtxtHandle phContext);

typedef SECURITY_STATUS (SEC_ENTRY *REVERT_SECURITY_CONTEXT_FN)(PCtxtHandle);

SECURITY_STATUS SEC_ENTRY MakeSignature(PCtxtHandle phContext,
 ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo);

typedef SECURITY_STATUS (SEC_ENTRY *MAKE_SIGNATURE_FN)(PCtxtHandle,
 ULONG, PSecBufferDesc, ULONG);

SECURITY_STATUS SEC_ENTRY VerifySignature(PCtxtHandle phContext,
 PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP);

typedef SECURITY_STATUS (SEC_ENTRY *VERIFY_SIGNATURE_FN)(PCtxtHandle,
 PSecBufferDesc, ULONG, PULONG);

SECURITY_STATUS SEC_ENTRY QuerySecurityPackageInfoA(
 SEC_CHAR *pszPackageName, PSecPkgInfoA *ppPackageInfo);
SECURITY_STATUS SEC_ENTRY QuerySecurityPackageInfoW(
 SEC_WCHAR *pszPackageName, PSecPkgInfoW *ppPackageInfo);
#define QuerySecurityPackageInfo WINELIB_NAME_AW(QuerySecurityPackageInfo)
