Core dump file
Description
A core dump file is a snapshot of a program's memory at the moment it crashes or terminates abnormally. These files are typically generated automatically by operating systems for debugging purposes.
This vulnerability indicates that a core dump file has been discovered in a publicly accessible directory. Core dump files contain sensitive information from the application's memory at the time of the crash, including plaintext credentials, session tokens, encryption keys, database connection strings, user data, and other confidential information that was being processed when the application failed.
Remediation
Take immediate action to secure core dump files and prevent future exposure:
1. Remove the exposed core dump file immediately from the publicly accessible directory
2. Disable core dump generation on production systems by configuring the system's core dump settings:
On Linux systems, add to /etc/security/limits.conf:
* hard core 0
Or set system-wide using
ulimit:ulimit -c 0
3. If core dumps are required for debugging, configure them to be stored in a protected directory with restricted permissions:
On Linux, configure core dump location in
/etc/sysctl.conf:kernel.core_pattern = /var/crash/core.%e.%p.%t
Then ensure the directory has appropriate permissions:
chmod 700 /var/crash chown root:root /var/crash
4. Review web server configuration to ensure core dump directories are not within the document root or are explicitly blocked from web access
5. Audit all existing core dump files for sensitive information and rotate any exposed credentials found within them