Difference between revisions of "Trusting self-reported IP address"

From OWASP
Jump to: navigation, search
(Related Controls)
 
(4 intermediate revisions by one user not shown)
Line 1: Line 1:
 
{{Template:Vulnerability}}
 
{{Template:Vulnerability}}
 
{{Template:SecureSoftware}}
 
{{Template:SecureSoftware}}
 
__TOC__
 
 
[[ASDR Table of Contents]]
 
 
  
 
Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''
 
Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''
  
[[Category:FIXME|This is the text from the old template. This needs to be rewritten using the new template.]]
+
[[ASDR_TOC_Vulnerabilities|Vulnerabilities Table of Contents]]
 
+
  
 
==Description==
 
==Description==
Line 37: Line 31:
 
High
 
High
  
'''Likelihood of exploit''
+
'''Likelihood of exploit'''
  
 
High
 
High
  
 
As IP addresses can be easily spoofed, they do not constitute a valid authentication mechanism. Alternate methods should be used if significant authentication is necessary.
 
As IP addresses can be easily spoofed, they do not constitute a valid authentication mechanism. Alternate methods should be used if significant authentication is necessary.
 
  
 
==Risk Factors==
 
==Risk Factors==
Line 104: Line 97:
  
 
* Design: Use other means of identity verification that cannot be simply spoofed.
 
* Design: Use other means of identity verification that cannot be simply spoofed.
 
  
 
==Related [[Technical Impacts]]==
 
==Related [[Technical Impacts]]==

Latest revision as of 16:11, 28 February 2009

This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.



Last revision (mm/dd/yy): 02/28/2009

Vulnerabilities Table of Contents

Description

The use of IP addresses as authentication is flawed and can easily be spoofed by malicious users.

Consequences

  • Authentication: Malicious users can fake authentication information, impersonating any IP address

Exposure period

  • Design: Authentication methods are generally chosen during the design phase of development.

Platform

  • Languages: All
  • Operating platforms: All

Required resources

Any

Severity

High

Likelihood of exploit

High

As IP addresses can be easily spoofed, they do not constitute a valid authentication mechanism. Alternate methods should be used if significant authentication is necessary.

Risk Factors

TBD

Examples

In C/C++:

sd = socket(AF_INET, SOCK_DGRAM, 0);
serv.sin_family = AF_INET;
serv.sin_addr.s_addr = htonl(INADDR_ANY);
servr.sin_port = htons(1008);
bind(sd, (struct sockaddr *) & serv, sizeof(serv));
while (1) {
  memset(msg, 0x0, MAX_MSG);
  clilen = sizeof(cli);
  if (inet_ntoa(cli.sin_addr)==...)
  n = recvfrom(sd, msg, MAX_MSG, 0,
              (struct sockaddr *) & cli, &clilen);
}

In Java:

while(true) {
  DatagramPacket rp=new DatagramPacket(rData,rData.length);
         
  outSock.receive(rp);
  String in = new String(p.getData(),0, rp.getLength());
  InetAddress IPAddress = rp.getAddress();
  int port = rp.getPort();
          
  if ((rp.getAddress()==...) && (in==...)){
    out = secret.getBytes();
    DatagramPacket sp =new DatagramPacket(out,out.length,
      IPAddress, port);
    outSock.send(sp);
  }  
}


Related Attacks


Related Vulnerabilities


Related Controls

  • Design: Use other means of identity verification that cannot be simply spoofed.

Related Technical Impacts


References

TBD