|Name ||Passively Sniffing and Capturing Application Code Bound for an Authorized Client During Dynamic Update |
|Summary ||Attackers can capture application code bound for an authorized client during a dynamic update and can use it, as-is or through reverse-engineering, to glean sensitive information or exploit the trust relationship between the client and server. |
|Prerequisites ||The attacker must be able to employ a sniffer in the path between the server and client without being detected. The targeted application must be configured to periodically check for updates from the server. |
|Solutions ||Design: Encrypt all communication between the client and server.
Implementation: Use SSL, SSH, SCP.
Operation: Use "ifconfig/ipconfig" or other tools to detect the sniffer installed in the network. |
|CWE ID ||Description |
|CWE-311 ||Missing Encryption of Sensitive Data |