CAPEC-295
Melding voor een CAPEC
Blijf op de hoogte van wijzigingen voor een specifieke CAPEC.
Beschrijvingen CAPEC
This pattern of attack leverages standard requests to learn the exact time associated with a target system. An adversary may be able to use the timestamp returned from the target to attack time-based security algorithms, such as random number generators, or time-based authentication mechanisms.
Informatie CAPEC
Vereisten
The ability to send a timestamp request to a remote target and receive a response.Vereiste middelen
Scanners or utilities that provide the ability to send custom ICMP queries.Gerelateerde zwakheden
| Zwakheidsnaam | |
|---|---|
CWE-200 |
Exposure of Sensitive Information to an Unauthorized Actor The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
Referenties
REF-33
Hacking Exposed: Network Security Secrets & SolutionsStuart McClure, Joel Scambray, George Kurtz.
REF-123
RFC792 - Internet Control Messaging ProtocolJ. Postel.
http://www.faqs.org/rfcs/rfc792.html
REF-124
RFC1122 - Requirements for Internet Hosts - Communication LayersR. Braden, Ed..
http://www.faqs.org/rfcs/rfc1122.html
REF-125
Host Discovery with NmapMark Wolfgang.
http://nmap.org/docs/discovery.pdf
REF-147
Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security ScanningGordon "Fyodor" Lyon.
Indiening
| Naam | Organisatie | Datum | Releasedatum |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation |
Wijzigingen
| Naam | Organisatie | Datum | Opmerking |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation | Updated Description Summary, Resources_Required | |
| CAPEC Content Team | The MITRE Corporation | Updated Attack_Prerequisites, Description Summary, Examples-Instances, References, Related_Weaknesses | |
| CAPEC Content Team | The MITRE Corporation | Updated Related_Attack_Patterns |
