CWE-291 Individual Dictionary Definition (Draft 9)

Trusting Self-reported IP Address
Compound Element ID: 291 (Compound Element Variant: Composite)
Status: Incomplete

Description

Summary

Using IP addresses for authentication is flawed, because they can easily be spoofed by malicious users.

Likelihood of Exploit

High

Weakness Ordinality

Resultant (Weakness is typically related to the presence of some other weaknesses)

Causal Nature

Explicit (This is an explicit weakness resulting from behavior of the developer)

Common Consequences

Authentication: Malicious users can fake authentication information, impersonating any IP address.

Potential Mitigations

Design: Use other means of identity verification that cannot be simply spoofed. Possibilities include a username/password or certificate.

Demonstrative Examples

C/C++ Example:

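/* Fragment: needs <sys/socket.h>, <netinet/in.h>, <arpa/inet.h>, <string.h>. */
/* Vulnerable: the datagram's source address is the only authentication. */
sd = socket(AF_INET, SOCK_DGRAM, 0);
serv.sin_family = AF_INET;
serv.sin_addr.s_addr = htonl(INADDR_ANY);
serv.sin_port = htons(1008);
bind(sd, (struct sockaddr *) &serv, sizeof(serv));
while (1) {
  memset(msg, 0x0, MAX_MSG);
  clilen = sizeof(cli);
  /* Receive first so that cli holds the sender's self-reported address. */
  n = recvfrom(sd, msg, MAX_MSG, 0, (struct sockaddr *) &cli, &clilen);
  /* inet_ntoa() returns a string, so compare with strcmp(), not ==. */
  if (n >= 0 && strcmp(inet_ntoa(cli.sin_addr), ...) == 0) {
    /* msg is treated as coming from an authenticated peer */
  }
}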

Java Example:

while (true) {
  DatagramPacket rp = new DatagramPacket(rData, rData.length);
  outSock.receive(rp);
  String in = new String(rp.getData(), 0, rp.getLength());
  InetAddress IPAddress = rp.getAddress();
  int port = rp.getPort();
  // Vulnerable: the packet's source address is trusted as proof of identity.
  // equals() compares values; == would only compare object references.
  if (IPAddress.equals(...) && in.equals(...)) {
    out = secret.getBytes();
    DatagramPacket sp = new DatagramPacket(out, out.length, IPAddress, port);
    outSock.send(sp);
  }
}

Context Notes

As IP addresses can be easily spoofed, they do not constitute a valid authentication mechanism. Alternate methods should be used if significant authentication is necessary.
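
The following is an added example, not part of the CWE entry. It sets the address check from the examples above beside a check that authenticates the datagram itself. It assumes a pre-shared key and a per-message HMAC-SHA256 tag as the "other means" of verification (the entry itself names username/password or certificates). It is written in Python rather than the entry's C or Java so that it can use a standard-library HMAC. All names, addresses and the key are constructed for illustration.

```python
import hashlib
import hmac
import os

KEY = b"constructed-demo-key"   # constructed pre-shared key (assumption)
TRUSTED_IP = "192.0.2.10"       # constructed address (TEST-NET-1)
NONCE_LEN, TAG_LEN = 16, 32     # random nonce, HMAC-SHA256 tag


def seal(key, payload):
    """Sender: nonce || payload || HMAC-SHA256(key, nonce || payload)."""
    body = os.urandom(NONCE_LEN) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


def accept_by_address(datagram, addr):
    """The weakness: the self-reported source address is the identity."""
    return datagram if addr[0] == TRUSTED_IP else None


def accept_by_mac(key, seen_nonces, datagram, addr):
    """Authenticate the message itself; addr is deliberately never consulted."""
    if len(datagram) < NONCE_LEN + TAG_LEN:
        return None
    body, tag = datagram[:-TAG_LEN], datagram[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):   # constant-time comparison
        return None
    nonce, payload = body[:NONCE_LEN], body[NONCE_LEN:]
    if nonce in seen_nonces:                     # same datagram seen before
        return None
    seen_nonces.add(nonce)                       # unbounded here; expire in practice
    return payload


def demo():
    """Check constructed (datagram, address) pairs, shaped like recvfrom() results."""
    genuine = seal(KEY, b"get secret")
    received = [
        (b"get secret", ("192.0.2.10", 4000)),   # trusted address, no credential
        (genuine, ("198.51.100.7", 4001)),       # other address, valid tag
        (genuine, ("198.51.100.7", 4001)),       # the same datagram again
    ]
    seen = set()
    return [(accept_by_address(d, a) is not None,
             accept_by_mac(KEY, seen, d, a) is not None) for d, a in received]


if __name__ == "__main__":
    print(demo())   # one (address check, MAC check) verdict pair per datagram
```

The address check accepts only the first datagram, which carries no credential at all. The MAC check accepts only the first copy of the keyed datagram, whatever address it arrives from.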

Relationships

Nature    Type              ID    Name
ChildOf   Weakness Base     290   Authentication Bypass by Spoofing
Requires  Weakness Base     348   Use of Less Trusted Source
Requires  Weakness Base     471   Modification of Assumed-Immutable Data (MAID)
PeerOf    Weakness Variant  292   Trusting Self-reported DNS Name
PeerOf    Weakness Variant  293   Using Referer Field for Authentication

Source Taxonomies

CLASP - Trusting self-reported IP address

Applicable Platforms

All

Time of Introduction

Architecture and Design

Related Attack Patterns

CAPEC-ID  Attack Pattern Name
4         Using Alternative IP Address Encodings

Page Last Updated: April 22, 2008