|ID: 441||Date: (C)2012-05-14 (M)2017-04-28|
|Type: weakness||Status: DRAFT|
|Abstraction Type: Base|
A product can be used as an intermediary or proxy between an
attacker and the ultimate target, so that the attacker can either bypass access
controls or hide activities.
Applicable PlatformsLanguage Class: All
Time Of Introduction
Related Attack Patterns
|Non-RepudiationAccess_Control ||Gain privileges / assume
identityHide activities || |
|Architecture and Design || ||Enforce the use of strong mutual authentication mechanism between the
two parties. || || |
|CWE-441 ChildOf CWE-902 ||Category ||CWE-888 || |
- CVE-1999-0168 : Portmapper could redirect service requests from an attacker to another entity, which thinks the requests came from the portmapper.
- CVE-2005-0315 : FTP server does not ensure that the IP address in a PORT command is the same as the FTP user's session, allowing port scanning by proxy.
- CVE-2002-1484 : Web server allows attackers to request a URL from another server, including other ports, which allows proxied scanning.
- CVE-2004-2061 : CGI script accepts and retrieves incoming URLs.
- CVE-2001-1484 : MFV - bounce attack allows access to TFTP from trusted side.
- CVE-1999-0017 : FTP bounce attack. Protocol allows attacker to modify the PORT command to cause the FTP server to connect to other machines besides the attacker's. Similar to proxied trusted channel.
For more examples, refer to CVE relations in the bottom box.
White Box Definitions None
Black Box Definitions None
|PLOVER || ||Unintended proxy/intermediary || |
|PLOVER || ||Proxied Trusted Channel || |
|WASC ||32 ||Routing Detour || |