capec.mitre.org
198.49.146.205  Public Scan

Submitted URL: http://capec.mitre.org/data/definitions/310.html
Effective URL: https://capec.mitre.org/data/definitions/310.html
Submission: On November 06 via api from GB — Scanned from GB

Form analysis 1 forms found in the DOM

/cgi-bin/jumpmenu.cgi

<form action="/cgi-bin/jumpmenu.cgi" style="margin-bottom:0.1em;vertical-align:center;">
  <label for="id" style="padding-right:5px">ID Lookup:</label>
  <input id="id" name="id" type="text" style="width:50px; font-size:80%" maxlength="10">
  <input value="Go" style="padding: 0px; font-size:80%" type="submit">
</form>

Text Content

COMMON ATTACK PATTERN ENUMERATION AND CLASSIFICATION

A Community Resource for Identifying and Understanding Attacks



Home > CAPEC List > CAPEC-310: Scanning for Vulnerable Software (Version 3.9)  


CAPEC-310: SCANNING FOR VULNERABLE SOFTWARE

Attack Pattern ID: 310
Abstraction: Detailed

Description
An attacker engages in scanning activity to find vulnerable software versions or
types, such as operating system versions or network services. Vulnerable or
exploitable network configurations, such as improperly firewalled systems, or
misconfigured systems in the DMZ or external network, provide windows of
opportunity for an attacker. Common types of vulnerable software include
unpatched operating systems or services (e.g., FTP, Telnet, SMTP, SNMP) running on
open ports that the attacker has identified. Attackers usually begin probing for
vulnerable software once the external network has been port scanned and
potential targets have been revealed.
Typical Severity

Low

Relationships
This table shows the other attack patterns and high level categories that are
related to this attack pattern. These relationships are defined as ChildOf and
ParentOf, and give insight to similar items that may exist at higher and lower
levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and
CanAlsoBe are defined to show similar attack patterns that the user may want to
explore.

Nature   Type                     ID   Name
ChildOf  Standard Attack Pattern  541  Application Fingerprinting

Standard Attack Pattern - A standard level attack pattern in CAPEC is focused
on a specific methodology or technique used in an attack. It is often seen as a
singular piece of a fully executed attack. A standard attack pattern is meant
to provide sufficient details to understand the specific technique and how it
attempts to accomplish a desired goal. A standard level attack pattern is a
specific type of a more abstract meta level attack pattern.

This table shows the views that this attack pattern belongs to and top level
categories within that view.

View Name             Top Level Categories
Domains of Attack     Software
Mechanisms of Attack  Collect and Analyze Information

Prerequisites

Access to the network on which the targeted system resides. Software tools used
to probe systems over a range of ports and protocols.

Skills Required
[Level: Medium]
To probe a system remotely without detection requires careful planning and
patience.

Resources Required

Probing requires the ability to interactively send and receive data from a
target, whereas passive listening requires a sufficient understanding of the
protocol to analyze a preexisting channel of communication.

Consequences
This table specifies different individual consequences associated with the
attack pattern. The Scope identifies the security property that is violated,
while the Impact describes the negative technical impact that arises if an
adversary succeeds in their attack. The Likelihood provides information about
how likely the specific consequence is expected to be seen relative to the other
consequences in the list. For example, there may be high likelihood that a
pattern will be used to achieve a certain impact, but a low likelihood that it
will be exploited to achieve a different impact.

Scope                                           Impact                                        Likelihood
Confidentiality                                 Other
Confidentiality, Access Control, Authorization  Bypass Protection Mechanism, Hide Activities

Related Weaknesses
A Related Weakness relationship associates a weakness with this attack pattern.
Each association implies a weakness that must exist for a given attack to be
successful. If multiple weaknesses are associated with the attack pattern, then
any of the weaknesses (but not necessarily all) may be present for the attack to
be successful. Each related weakness is identified by a CWE identifier.

CWE-ID  Weakness Name
200     Exposure of Sensitive Information to an Unauthorized Actor

Taxonomy Mappings
CAPEC mappings to ATT&CK techniques leverage an inheritance model to streamline
and minimize direct CAPEC/ATT&CK mappings. Inheritance of a mapping is indicated
by text stating that the parent CAPEC has relevant ATT&CK mappings. Note that
the ATT&CK Enterprise Framework does not use an inheritance model as part of the
mapping to CAPEC.
Relevant to the ATT&CK taxonomy mapping (see parent)
References
[REF-33] Stuart McClure, Joel Scambray and George Kurtz. "Hacking Exposed:
Network Security Secrets & Solutions". Chapter 2: Scanning, pg. 56. 6th Edition.
McGraw Hill. 2009.
[REF-128] Defense Advanced Research Projects Agency Information Processing
Techniques Office and Information Sciences Institute University of Southern
California. "RFC793 - Transmission Control Protocol". Defense Advanced Research
Projects Agency (DARPA). 1981-09. <http://www.faqs.org/rfcs/rfc793.html>.
[REF-130] Gordon "Fyodor" Lyon. "The Art of Port Scanning". Volume 7, Issue 51.
Phrack Magazine. 1997. <http://phrack.org/issues/51/11.html>.

Content History

Submissions

Submission Date            Submitter           Organization
2014-06-23 (Version 2.6)   CAPEC Content Team  The MITRE Corporation

Modifications

Modification Date          Modifier            Organization           Change
2015-12-07 (Version 2.8)   CAPEC Content Team  The MITRE Corporation  Updated Related_Attack_Patterns
2018-07-31 (Version 2.12)  CAPEC Content Team  The MITRE Corporation  Updated References, Related_Weaknesses


Page Last Updated or Reviewed: July 31, 2018
 


Use of the Common Attack Pattern Enumeration and Classification (CAPEC), and the
associated references from this website are subject to the Terms of Use. CAPEC
is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and
Infrastructure Security Agency (CISA) and managed by the Homeland Security
Systems Engineering and Development Institute (HSSEDI) which is operated by The
MITRE Corporation (MITRE). Copyright © 2007–2023, The MITRE Corporation. CAPEC
and the CAPEC logo are trademarks of The MITRE Corporation.