Unintended Proxy/Intermediary |
Weakness ID: 441 (Weakness Base) | Status: Draft |
Description Summary
A product can be used as an intermediary or proxy between an attacker and the ultimate target, so that the attacker can either bypass access controls or hide activities.
Reference | Description |
---|---|
CVE-1999-0168 | Portmapper could redirect service requests from an attacker to another entity, which thinks the requests came from the portmapper. |
CVE-2005-0315 | FTP server does not ensure that the IP address in a PORT command is the same as the FTP user's session, allowing port scanning by proxy. |
CVE-2002-1484 | Web server allows attackers to request a URL from another server, including other ports, which allows proxied scanning. |
CVE-2004-2061 | CGI script accepts and retrieves incoming URLs. |
CVE-2001-1484 | MFV - bounce attack allows access to TFTP from trusted side. |
CVE-1999-0017 | FTP bounce attack. Protocol allows attacker to modify the PORT command to cause the FTP server to connect to other machines besides the attacker's. Similar to proxied trusted channel. |
Enforce the use of strong mutual authentication mechanism between the two parties. |
Nature | Type | ID | Name | View(s) this relationship pertains to |
---|---|---|---|---|
ChildOf | Category | 418 | Channel Errors | Development Concepts (primary)699 |
ChildOf | Weakness Class | 610 | Externally Controlled Reference to a Resource in Another Sphere | Research Concepts (primary)1000 |
RequiredBy | Compound Element: Composite | 352 | Cross-Site Request Forgery (CSRF) | Research Concepts1000 |
RequiredBy | Compound Element: Composite | 384 | Session Fixation | Research Concepts1000 |
Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name |
---|---|---|---|
PLOVER | Unintended proxy/intermediary | ||
PLOVER | Proxied Trusted Channel | ||
WASC | 32 | Routing Detour |
This entry is currently a child of CWE-610 under view 1000, however there is also a relationship with CWE-668 because the resulting proxy effectively exposes the victims control sphere to the attacker. This should possibly be considered as an emergent resource. |
Submissions | ||||
---|---|---|---|---|
Submission Date | Submitter | Organization | Source | |
PLOVER | Externally Mined | |||
Modifications | ||||
Modification Date | Modifier | Organization | Source | |
2008-07-01 | Eric Dalci | Cigital | External | |
updated Potential Mitigations, Time of Introduction | ||||
2008-09-08 | CWE Content Team | MITRE | Internal | |
updated Relationships, Observed Example, Other Notes, Taxonomy Mappings | ||||
2008-11-24 | CWE Content Team | MITRE | Internal | |
updated Maintenance Notes, Relationships, Taxonomy Mappings, Time of Introduction |