SAMATE Logo NIST Logo The SAMATE Project Department of Homeland Security
Downloads:  Download this Test Case #2028

Back to the previous page... Back to the previous page

Test Case IDAccepted2028
Bad / Good / MixedBadBad test case
Author
Associations
Test suite: 57  59  
Added byMichael Koo
LanguageC++
Type of test caseSource Code
Input string
Expected Output
Instructions
Submission date2007-11-29
DescriptionA software system that accepts and executes input in the form of operating system commands (e.g. system(), exec(), open()) could allow an attacker with lesser privileges than the target software to execute commands with the elevated privileges of the executing process.
File(s)
Flaw

There are no comments
Have any comments on this test case? Please, .

File Contains:
CWE-078: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') on line(s): 0, 24, 25