CWE - CWE-354: Failure to Check Integrity Check Value (Draft 9)

Home > CWE List > CWE-354 Individual Dictionary Definition (Draft 9)

CWE List
Full Dictionary View
Classification Tree
Reports

About
Sources
Process
Documents

Community
Related Activities
Discussion List
Research

News
Calendar
Free Newsletter

Compatibility
Program
Requirements
Declarations
Make a Declaration

Contact Us
Search the Site

Section Contents
CWE List
Full Dictionary View
Classification Tree
Reports
Other Items of Interest
Sources

Key
- Weakness
- Base
- Variant
- Class
- Chain
- Composite
- Category
- View
- Deprecated

CWE-354 Individual Dictionary Definition (Draft 9)

Weakness ID

Status: Draft

354 (Weakness Base)

Description

Summary

If integrity check values or "checksums" are not validated before messages are parsed and used, there is no way of determining if data has been corrupted in transmission.

Likelihood of Exploit

Medium

Common Consequences

Authentication: Integrity checks usually use a secret key that helps authenticate the data origin. Skipping integrity checking generally opens up the possibility that new data from an invalid source can be injected.

Integrity: Data that is parsed and used may be corrupted.

Non-repudiation: Without a checksum check, it is impossible to determine if any changes have been made to the data after it was sent.

Potential Mitigations

Implementation: Ensure that the checksums present in messages are properly checked in accordance with the protocol specification before they are parsed and used.

Demonstrative
Examples

C/C++ Example:

sd = socket(AF_INET, SOCK_DGRAM, 0);
serv.sin_family = AF_INET;
serv.sin_addr.s_addr = htonl(INADDR_ANY);
servr.sin_port = htons(1008);
bind(sd, (struct sockaddr *) & serv, sizeof(serv));
while (1) {
  memset(msg, 0x0, MAX_MSG);
  clilen = sizeof(cli);
  if (inet_ntoa(cli.sin_addr)==...) n = recvfrom(sd, msg, MAX_MSG, 0, (struct sockaddr *) & cli, &clilen);
}

Java Example:

while(true) {
DatagramPacket packet = new DatagramPacket(data,data.length,IPAddress, port);
socket.send(sendPacket);
}

Context Notes

The failure to validate checksums before use results in an unnecessary risk that can easily be mitigated with very few lines of code. Since the protocol specification describes the algorithm used for calculating the checksum, it is a simple matter of implementing the calculation and verifying that the calculated checksum and the received checksum match. If this small amount of effort is skipped, the consequences may be far greater.

Relationships

Nature	Type	ID	Name
ChildOf	Weakness Class	345	Insufficient Verification of Data Authenticity
PeerOf	Weakness Base	353	Failure to Add Integrity Check Value
PeerOf	Weakness Base	353	Failure to Add Integrity Check Value

Source Taxonomies

CLASP - Failure to check integrity check value

Applicable Platforms

All

Related Attack Patterns

CAPEC-ID	Attack Pattern Name
75	Manipulating Writeable Configuration Files

Page Last Updated: April 22, 2008


	CWE is sponsored by the National Cyber Security Division of the U.S. Department of Homeland Security. This Web site is hosted by The MITRE Corporation. Copyright 2008, The MITRE Corporation. CWE and the CWE logo are trademarks of The MITRE Corporation. Contact cwe@mitre.org for more information.	Privacy policy Terms of use Contact us