CAPEC-496
Alert dla konkretnego CAPEC
Bądź na bieżąco z wszelkimi zmianami dotyczącymi konkretnego CAPEC.
Opisy CAPEC
An attacker may execute a ICMP Fragmentation attack against a target with the intention of consuming resources or causing a crash. The attacker crafts a large number of identical fragmented IP packets containing a portion of a fragmented ICMP message. The attacker these sends these messages to a target host which causes the host to become non-responsive. Another vector may be sending a fragmented ICMP message to a target host with incorrect sizes in the header which causes the host to hang.
Informacje CAPEC
Wymagania wstępne
This type of an attack requires the target system to be running a vulnerable implementation of IP, and the attacker needs to ability to send arbitrary sized ICMP packets to the target.Łagodzenie
This attack may be mitigated through egress filtering based on ICMP payload so a network is a "good neighbor" to other networks. Bad IP implementations become patched, so using the proper version of a browser or OS is recommended.Powiązane słabości
| Nazwa słabości | |
|---|---|
CWE-770 |
Allocation of Resources Without Limits or Throttling The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated. |
CWE-404 |
Improper Resource Shutdown or Release The product does not release or incorrectly releases a resource before it is made available for re-use. |
Odniesienia
REF-425
ICMP Attacks Illustratedhttp://www.sans.org/reading-room/whitepapers/threats/icmp-attacks-illustrated-477?show=icmp-attacks-illustrated-477&cat=threats
Zgłoszenie
| Nazwa | Organizacja | Data | Data wydania |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation |
Modyfikacje
| Nazwa | Organizacja | Data | Komentarz |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation | Updated Related_Weaknesses |
