CAPEC-307
Alerte pour un CAPEC
Restez informé de toutes modifications pour un CAPEC spécifique.
Descriptions du CAPEC
An adversary scans for RPC services listing on a Unix/Linux host.
Informations du CAPEC
Flux d'exécution
1) Experiment
An adversary sends RCP packets to target ports.
2) Experiment
An adversary uses the response from the target to determine which, if any, RPC service is running on that port. Responses will vary based on which RPC service is running.
Conditions préalables
RPC scanning requires no special privileges when it is performed via a native system utility.Ressources nécessaires
The ability to craft custom RPC datagrams for use during network reconnaissance via native OS utilities or a port scanning tool. By tailoring the bytes injected one can scan for specific RPC-registered services. Depending upon the method used it may be necessary to sniff the network in order to see the response.Atténuations
Typically, an IDS/IPS system is very effective against this type of attack.Faiblesses connexes
| Nom de la faiblesse | |
|---|---|
CWE-200 |
Exposure of Sensitive Information to an Unauthorized Actor The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
Références
REF-33
Hacking Exposed: Network Security Secrets & SolutionsStuart McClure, Joel Scambray, George Kurtz.
REF-158
RFC768 - User Datagram ProtocolJ. Postel.
http://www.faqs.org/rfcs/rfc768.html
REF-34
Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security ScanningGordon "Fyodor" Lyon.
REF-130
The Art of Port ScanningGordon "Fyodor" Lyon.
http://phrack.org/issues/51/11.html
Soumission
| Nom | Organisation | Date | Date de publication |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation |
Modifications
| Nom | Organisation | Date | Commentaire |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation | Updated Description, Description Summary, References, Related_Weaknesses, Resources_Required, Solutions_and_Mitigations | |
| CAPEC Content Team | The MITRE Corporation | Updated Execution_Flow | |
| CAPEC Content Team | The MITRE Corporation | Updated Description, Extended_Description |
Les informations affichées sur CVE Find proviennent de plusieurs sources de référence rigoureusement sélectionnées. Les données CVE sont fournies par MITRE Corporation et la National Vulnerability Database (NVD). Le catalogue des vulnérabilités activement exploitées (KEV) provient de la Cybersecurity and Infrastructure Security Agency (CISA), tandis que les scores EPSS sont issus de FIRST.org. Enfin, les données relatives aux faiblesses logicielles (CWE) et aux schémas d'attaque courants (CAPEC)
sont maintenues par MITRE Corporation, et les informations sur les configurations
logicielles et matérielles (CPE) proviennent du NVD.