|
Inter-protocol exploitation is a class of security vulnerabilities that takes advantage of interactions between two communication protocols,〔(【引用サイトリンク】title=Inter-protocol Communication )〕 for example the protocols used in the Internet. It is commonly discussed in the context of the Hypertext Transfer Protocol (HTTP). This attack uses the potential of the two different protocols meaningfully communicating commands and data. It was popularized in 2007 and publicly described in research〔(【引用サイトリンク】title=Inter-protocol Exploitation )〕 of the same year. The general class of attacks that it refers to has been known since at least 1994 (see the Security Considerations section of RFC 1738). Internet protocol implementations allow for the possibility of encapsulating exploit code to compromise a remote program which uses a different protocol. Inter-protocol exploitation can utilize inter-protocol communication to establish the preconditions for launching an inter-protocol exploit. For example, this process could negotiate the initial authentication communication for a vulnerability in password parsing. Inter-protocol exploitation is where one protocol attacks a service running a different protocol. This is a legacy problem because the specifications of the protocols did not take into consideration an attack of this type. ==Technical details== The two protocols involved in the vulnerability are termed the carrier and target. The carrier encapsulates the commands and/or data. The target protocol is used for communication to the intended victim service. Inter-protocol communication will be successful if the carrier protocol can encapsulate the commands and/or data sufficiently to meaningfully communicate to the target service. Two preconditions need to be met for successful communication across protocols: encapsulation and error tolerance. The carrier protocol must encapsulate the data and commands in a manner that the target protocol can understand. It is highly likely that the resulting data stream with induce parsing errors in the target protocol. The target protocol be must be sufficiently forgiving of errors. During the inter-protocol connection it is likely that a percentage of the communication will be invalid and cause errors. To meet this precondition, the target protocol implementation must continue processing despite these errors. 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「Inter-protocol exploitation」の詳細全文を読む スポンサード リンク
|