Protocol Manipulation |
Attack Pattern ID: 272 (Standard Attack Pattern Completeness: Stub) | Typical Severity: Medium | Status: Draft |
Summary
The attacker subverts a communications protocol to perform an attack. These attacks can allow the attacker to impersonate others, discover sensitive information, control the outcome of a session, or perform other attacks. These attacks target invalid assumptions that may be inherent in implementers of the protocol, incorrect implementations of the protocol, or vulnerabilities in the protocol itself.
The protocol or implementations thereof must contain bugs that an attacker can exploit.
In some variants of this attack the attacker must be able to intercept communications using the protocol. This means they need to be able to receive the communications from one participant and prevent the other participant from receiving these communications.
Nature | Type | ID | Name | Description | View(s) this relationship pertains to |
---|---|---|---|---|---|
ChildOf | Category | 262 | Resource Manipulation | Mechanism of Attack (primary)1000 | |
ParentOf | Attack Pattern | 168 | Windows ::DATA Alternate Data Stream | Mechanism of Attack (primary)1000 | |
ParentOf | Attack Pattern | 220 | Client-Server Protocol Manipulation | Mechanism of Attack (primary)1000 | |
ParentOf | Attack Pattern | 275 | DNS Rebinding | Mechanism of Attack (primary)1000 | |
ParentOf | Attack Pattern | 276 | Inter-component Protocol Manipulation | Mechanism of Attack (primary)1000 | |
ParentOf | Attack Pattern | 277 | Data Interchange Protocol Manipulation | Mechanism of Attack (primary)1000 | |
ParentOf | Category | 278 | Web Services Protocol Manipulation | Mechanism of Attack1000 |