Scope: Confidentiality, Integrity, Availability
Impact: Read Memory, Execute Unauthorized Code or Commands
Notes: The case of an omitted null character is the most dangerous of the possible issues. This will almost certainly result in information disclosure, and possibly a buffer overflow condition, which may be exploited to execute arbitrary code.
Scope: Confidentiality, Integrity, Availability
Impact: DoS: Crash, Exit, or Restart, Read Memory, DoS: Resource Consumption (CPU), DoS: Resource Consumption (Memory)
Notes: If a null character is omitted from a string, then most string-copying functions will read data until they locate a null character, even outside of the intended boundaries of the string. This could: cause a crash due to a segmentation fault cause sensitive adjacent memory to be copied and sent to an outsider trigger a buffer overflow when the copy is being written to a fixed-size buffer.
Scope: Integrity, Availability
Impact: Modify Memory, DoS: Crash, Exit, or Restart
Notes: Misplaced null characters may result in any number of security problems. The biggest issue is a subset of buffer overflow, and write-what-where conditions, where data corruption occurs from the writing of a null character over valid data, or even instructions. A randomly placed null character may put the system into an undefined state, and therefore make it prone to crashing. A misplaced null character may corrupt other data in memory.
Scope: Integrity, Confidentiality, Availability, Access Control, Other
Impact: Alter Execution Logic, Execute Unauthorized Code or Commands
Notes: Should the null character corrupt the process flow, or affect a flag controlling access, it may lead to logical errors which allow for the execution of arbitrary code.
