|
|
|
|
CWE-353 Individual Dictionary Definition (Draft 9)
Weakness ID
| Status: Draft 353 (Weakness Base) | | Description | Summary If integrity check values or "checksums" are omitted from a protocol, there is no way of
determining if data has been corrupted in transmission. | | Likelihood of Exploit | Medium | | Common Consequences | Integrity: Data that is parsed and used may be corrupted. Non-repudiation: Without a checksum it is impossible to determine if any
changes have been made to the data after it was sent. | | Potential Mitigations | Design: Add an appropriately sized checksum to the protocol, ensuring that data
received may be simply validated before it is parsed and used. Implementation: Ensure that the checksums present in the protocol design are properly
implemented and added to each message before it is sent. | Demonstrative
Examples | C/C++ Example: int r,s;
struct hostent *h;
struct sockaddr_in rserv,lserv;
h=gethostbyname("127.0.0.1");
rserv.sin_family=h->h_addrtype;
memcpy((char *) &rserv.sin_addr.s_addr, h->h_addr_list[0], h->h_length);
rserv.sin_port= htons(1008);
s = socket(AF_INET,SOCK_DGRAM,0);
lserv.sin_family = AF_INET;
lserv.sin_addr.s_addr = htonl(INADDR_ANY);
lserv.sin_port = htons(0);
r = bind(s, (struct sockaddr *) &lserv,sizeof(lserv));
sendto(s,important_data,strlen(important_data)+1,0, (struct sockaddr *) &rserv, sizeof(rserv));
while(true) {
DatagramPacket rp=new DatagramPacket(rData,rData.length);
outSock.receive(rp);
String in = new String(p.getData(),0, rp.getLength());
InetAddress IPAddress = rp.getAddress();
int port = rp.getPort();
out = secret.getBytes();
DatagramPacket sp =new DatagramPacket(out,out.length,
IPAddress, port);
outSock.send(sp);
} | | Context Notes | The failure to include checksum functionality in a protocol removes the first
application-level check of data that can be used. The end-to-end philosophy of checks states that
integrity checks should be performed at the lowest level that they can be completely implemented.
Excluding further sanity checks and input validation performed by applications, the protocol's
checksum is the most important level of checksum, since it can be performed more completely than
at any previous level and takes into account entire messages, as opposed to single packets.
Failure to add this functionality to a protocol specification, or in the implementation of that
protocol, needlessly ignores a simple solution for a very significant problem and should never be
skipped. | | Relationships | | | Source Taxonomies | CLASP - Failure to add integrity check value | | Applicable Platforms | All | | Time of Introduction | Architecture and Design | | Related Attack Patterns | | CAPEC-ID | Attack Pattern Name |
|---|
| 74 | Manipulating User State | | 75 | Manipulating Writeable Configuration Files | | 39 | Manipulating Opaque Client-based Data Tokens | | 13 | Subverting Environment Variable Values | | 14 | Client-side Injection-induced Buffer Overflow |
|
|
- Weakness
- Base
- Variant
- Class
- Chain
- Composite
- Category
- View
- Deprecated
