|Name ||Passively Sniff and Capture Application Code Bound for Authorized Client |
|Summary ||Attackers can capture application code bound for the client and can use it, as-is or through reverse-engineering, to glean sensitive information or exploit the trust relationship between the client and server.
Such code may belong to a dynamic update to the client, a patch being applied to a client component or any such interaction where the client is authorized to communicate with the server. |
|Prerequisites ||The attacker must have the ability to place himself in the communication path between the client and server.
The targeted application must receive some application code from the server; for example, dynamic updates, patches, applets or scripts.
The attacker must be able to employ a sniffer on the network without being detected. |
|Solutions ||Design: Encrypt all communication between the client and server.
Implementation: Use SSL, SSH, SCP.
Operation: Use "ifconfig/ipconfig" or other tools to detect the sniffer installed in the network. |
|CWE ID ||Description |
|CWE-311 ||Missing Encryption of Sensitive Data |
|CWE-318 ||Cleartext Storage of Sensitive Information in Executable |
|CWE-319 ||Cleartext Transmission of Sensitive Information |
|CWE-693 ||Protection Mechanism Failure |
|CWE-719 || |