Authentication Bypass by Spoofing| ID: 290 | Date: (C)2012-05-14 (M)2022-10-10 |
| Type: weakness | Status: INCOMPLETE |
| Abstraction Type: Base |
Description
This attack-focused weakness is caused by improperly
implemented authentication schemes that are subject to spoofing
attacks.
Applicable PlatformsNone
Time Of Introduction
- Architecture and Design
- Implementation
Related Attack Patterns
Common Consequences
| Scope | Technical Impact | Notes |
|---|
| Access_Control | Bypass protection
mechanismGain privileges / assume
identity | This weakness can allow an attacker to access resources which are not
otherwise accessible without proper authentication. |
Detection MethodsNone
Potential MitigationsNone
RelationshipsThis can be resultant from insufficient verification.
| Related CWE | Type | View | Chain |
|---|
| CWE-290 ChildOf CWE-902 | Category | CWE-888 | |
Demonstrative Examples (Details)
- Both of these examples check if a request is from a trusted address
before responding to the request. (Demonstrative Example Id DX-99)
- Here, an authentication mechanism implemented in Java relies on an
IP address for source validation. If an attacker is able to spoof the IP,
however, he may be able to bypass such an authentication
mechanism.
- The following code samples use a DNS lookup in order to decide
whether or not an inbound request is from a trusted host. If an attacker can
poison the DNS cache, they can gain trusted status. (Demonstrative Example Id DX-93)
Observed Examples
- CVE-2009-1048 : VOIP product allows authentication bypass using 127.0.0.1 in the Host header.
For more examples, refer to CVE relations in the bottom box.
White Box Definitions None
Black Box Definitions None
Taxynomy Mappings
| Taxynomy | Id | Name | Fit |
|---|
| PLOVER | | Authentication bypass by spoofing | |
References:
- Mark Dowd John McDonald Justin Schuh .The Art of Software Security Assessment 1st Edition. Addison Wesley. Section:'Chapter 3, "Spoofing and Identification", Page
72.'. Published on 2006.
