CWE-617 Detail

CWE-617

Name

Reachable Assertion

Status

Draft

Published

2007-05-07
00h00 +00:00

Modified

2024-02-29
00h00 +00:00

Official links

CWE Mitre.org

Notifications for a CWE

Stay informed of any changes for a specific CWE.

Notifications manage

List of Notifications

Notifications for a CWE

Stay informed of any changes for a specific CWE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

Specify the CWE ID you wish to monitor.

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

Name: Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

CWE Description

While assertion is good for catching logic errors and reducing the chances of reaching more serious vulnerability conditions, it can still lead to a denial of service.

For example, if a server handles multiple simultaneous connections, and an assert() occurs in one single connection that causes all other connections to be dropped, this is a reachable assertion that leads to a denial of service.

General Informations

Modes Of Introduction

Implementation

Common Consequences

Scope	Impact	Likelihood
Availability	DoS: Crash, Exit, or Restart Note: An attacker that can trigger an assert statement can still lead to a denial of service if the relevant code can be triggered by an attacker, and if the scope of the assert() extends beyond the attacker's own session.

Observed Examples

References	Description
CVE-2023-49286	Chain: function in web caching proxy does not correctly check a return value (CWE-253) leading to a reachable assertion (CWE-617)
CVE-2006-6767	FTP server allows remote attackers to cause a denial of service (daemon abort) via crafted commands which trigger an assertion failure.
CVE-2006-6811	Chat client allows remote attackers to cause a denial of service (crash) via a long message string when connecting to a server, which causes an assertion failure.
CVE-2006-5779	Product allows remote attackers to cause a denial of service (daemon crash) via LDAP BIND requests with long authcid names, which triggers an assertion failure.
CVE-2006-4095	Product allows remote attackers to cause a denial of service (crash) via certain queries, which cause an assertion failure.
CVE-2006-4574	Chain: security monitoring product has an off-by-one error that leads to unexpected length values, triggering an assertion.
CVE-2004-0270	Anti-virus product has assert error when line length is non-numeric.

Potential Mitigations

Phases : Implementation
Make sensitive open/close operation non reachable by directly user-controlled data (e.g. open/close resources)
Phases : Implementation
Perform input validation on user data.

Detection Methods

Automated Static Analysis

Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then searching for potentially-vulnerable patterns that connect "sources" (origins of input) with "sinks" (destinations where the data interacts with external components, a lower layer such as the OS, etc.)
Effectiveness : High

Vulnerability Mapping Notes

Justification : This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.
Comment : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.

Submission

Name	Organization	Date	Date release	Version
CWE Content Team	MITRE	2007-05-07 +00:00	2007-05-07 +00:00	Draft 6

Modifications

Name	Organization	Date	Comment
Sean Eidemiller	Cigital	2008-07-01 +00:00	added/updated demonstrative examples
Eric Dalci	Cigital	2008-07-01 +00:00	updated Potential_Mitigations, Time_of_Introduction
CWE Content Team	MITRE	2008-09-08 +00:00	updated Description, Relationships, Observed_Example, Other_Notes, Weakness_Ordinalities
CWE Content Team	MITRE	2011-06-01 +00:00	updated Common_Consequences
CWE Content Team	MITRE	2012-05-11 +00:00	updated Common_Consequences, Observed_Examples, Relationships, Taxonomy_Mappings
CWE Content Team	MITRE	2012-10-30 +00:00	updated Potential_Mitigations
CWE Content Team	MITRE	2014-06-23 +00:00	updated Common_Consequences, Description, Other_Notes
CWE Content Team	MITRE	2014-07-30 +00:00	updated Relationships, Taxonomy_Mappings
CWE Content Team	MITRE	2017-01-19 +00:00	updated Relationships
CWE Content Team	MITRE	2017-11-08 +00:00	updated Relationships
CWE Content Team	MITRE	2019-01-03 +00:00	updated Relationships, Taxonomy_Mappings
CWE Content Team	MITRE	2019-06-20 +00:00	updated Relationships, Type
CWE Content Team	MITRE	2019-09-19 +00:00	updated Alternate_Terms
CWE Content Team	MITRE	2023-04-27 +00:00	updated Detection_Factors, Relationships
CWE Content Team	MITRE	2023-06-29 +00:00	updated Mapping_Notes
CWE Content Team	MITRE	2023-10-26 +00:00	updated Demonstrative_Examples
CWE Content Team	MITRE	2024-02-29 +00:00	updated Observed_Examples

CWE-617 Detail

CWE-617

Name: Reachable Assertion

CWE Description

General Informations

Modes Of Introduction

Common Consequences

Observed Examples

CVE-2023-49286

CVE-2006-6767

CVE-2006-6811

CVE-2006-5779

CVE-2006-4095

CVE-2006-4574

CVE-2004-0270