CAPEC-580 Detail

CAPEC-580

Name

System Footprinting

Likihood attacks

Low

Typical Severity

Low

Status

Stable

Published

2015-11-09
00h00 +00:00

Modified

2023-01-24
00h00 +00:00

Official links

CAPEC Mitre.org

Alerte pour un CAPEC

Stay informed of any changes for a specific CAPEC.

Notifications manage

List of Notifications

Alerte pour un CAPEC

Stay informed of any changes for a specific CAPEC.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

Specify the CAPEC ID you wish to monitor.

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

Descriptions CAPEC

An adversary engages in active probing and exploration activities to determine security information about a remote target system. Often times adversaries will rely on remote applications that can be probed for system configurations.

Informations CAPEC

Prerequisites

The adversary must have logical access to the target network and system.

Skills Required

The adversary needs to know basic linux commands.

Mitigations

Keep patches up to date by installing weekly or daily if possible.
Identify programs that may be used to acquire peripheral information and block them by using a software restriction policy or tools that restrict program execution by using a process allowlist.

Related Weaknesses

CWE-ID	Weakness Name
CWE-204	Observable Response Discrepancy The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere.
CWE-205	Observable Behavioral Discrepancy The product's behaviors indicate important differences that may be observed by unauthorized actors in a way that reveals (1) its internal state or decision process, or (2) differences from other products with equivalent functionality.
CWE-208	Observable Timing Discrepancy Two separate operations in a product require different amounts of time to complete, in a way that is observable to an actor and reveals security-relevant information about the state of the product, such as whether a particular operation was successful or not.

Submission

Name	Organization	Date	Date release
CAPEC Content Team	The MITRE Corporation	2015-11-09 +00:00

Modifications

Name	Organization	Date	Comment
CAPEC Content Team	The MITRE Corporation	2018-07-31 +00:00	Updated Attack_Motivation-Consequences, Attack_Prerequisites, Attacker_Skills_or_Knowledge_Required, Solutions_and_Mitigations, Typical_Likelihood_of_Exploit, Typical_Severity
CAPEC Content Team	The MITRE Corporation	2019-04-04 +00:00	Updated Related_Attack_Patterns
CAPEC Content Team	The MITRE Corporation	2020-07-30 +00:00	Updated Mitigations, Taxonomy_Mappings
CAPEC Content Team	The MITRE Corporation	2020-12-17 +00:00	Updated @Name, Description
CAPEC Content Team	The MITRE Corporation	2022-09-29 +00:00	Updated Taxonomy_Mappings
CAPEC Content Team	The MITRE Corporation	2023-01-24 +00:00	Updated Related_Weaknesses