CAPEC-295
Alerta para un CAPEC
Manténgase informado sobre cualquier cambio en un CAPEC específico.
Descripciones CAPEC
This pattern of attack leverages standard requests to learn the exact time associated with a target system. An adversary may be able to use the timestamp returned from the target to attack time-based security algorithms, such as random number generators, or time-based authentication mechanisms.
Informaciones CAPEC
Prerrequisitos
The ability to send a timestamp request to a remote target and receive a response.Recursos requeridos
Scanners or utilities that provide the ability to send custom ICMP queries.Debilidades relacionadas
| Nombre de la debilidad | |
|---|---|
CWE-200 |
Exposure of Sensitive Information to an Unauthorized Actor The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
Referencias
REF-33
Hacking Exposed: Network Security Secrets & SolutionsStuart McClure, Joel Scambray, George Kurtz.
REF-123
RFC792 - Internet Control Messaging ProtocolJ. Postel.
http://www.faqs.org/rfcs/rfc792.html
REF-124
RFC1122 - Requirements for Internet Hosts - Communication LayersR. Braden, Ed..
http://www.faqs.org/rfcs/rfc1122.html
REF-125
Host Discovery with NmapMark Wolfgang.
http://nmap.org/docs/discovery.pdf
REF-147
Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security ScanningGordon "Fyodor" Lyon.
Envío
| Nombre | Organización | Fecha | Fecha de lanzamiento |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation |
Modificaciones
| Nombre | Organización | Fecha | Comentario |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation | Updated Description Summary, Resources_Required | |
| CAPEC Content Team | The MITRE Corporation | Updated Attack_Prerequisites, Description Summary, Examples-Instances, References, Related_Weaknesses | |
| CAPEC Content Team | The MITRE Corporation | Updated Related_Attack_Patterns |
