Jump to content

Inter-protocol exploitation: Difference between revisions

Add links
From Wikipedia, the free encyclopedia
Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
Wording Change
Formatting
Line 1: Line 1:
[[Inter-protocol exploitation]] is a [[Vulnerability (computing)|security vulnerability]] in the fundamentals of the communication [[protocols]] used in the [[Internet]]. It was discovered in [[2007]] and publicly announced in research<ref>{{cite web|url=http://www.ngssoftware.com/research/papers/InterProtocolExploitation.pdf|title=Inter-protocol Exploitation|date=2007-03-05|}}</ref> of the same year.
'''Inter-protocol exploitation''' is a [[Vulnerability (computing)|security vulnerability]] in the fundamentals of the communication [[protocols]] used in the [[Internet]]. It was discovered in [[2007]] and publicly announced in research<ref>{{cite web|url=http://www.ngssoftware.com/research/papers/InterProtocolExploitation.pdf|title=Inter-protocol Exploitation|date=2007-03-05|}}</ref> of the same year.
[[Internet]] [[protocol]] implementations allow for the possibility of encapsulating [[Exploit (computer security)|exploit code]] to compromise a remote program which uses a different [[protocol]]. [[Inter-protocol exploitation]] is where one [[protocol]] attacks a service running a different [[protocol]]. This is a legacy problem because the specifications of the [[protocols]] did not take into consideration an attack of this type.
[[Internet]] [[protocol]] implementations allow for the possibility of encapsulating [[Exploit (computer security)|exploit code]] to compromise a remote program which uses a different [[protocol]]. '''Inter-protocol exploitation''' is where one [[protocol]] attacks a service running a different [[protocol]]. This is a legacy problem because the specifications of the [[protocols]] did not take into consideration an attack of this type.
==Technical Details==
==Technical Details==
The two [[protocols]] involved in the [[Vulnerability (computing)|vulnerability]] are the carrier and target. The carrier encapsulates the [[Exploit (computer security)|exploit code]] and the target [[protocol]] is used for communication by the intended victim service.
The two [[protocols]] involved in the [[Vulnerability (computing)|vulnerability]] are the carrier and target. The carrier encapsulates the [[Exploit (computer security)|exploit code]] and the target [[protocol]] is used for communication by the intended victim service.
[[Inter-protocol exploitation]] will be successful if the carrier [[protocol]] can encapsulate the [[Exploit (computer security)|exploit code]] which can take advantage of a target service. Also, there may be other preconditions depending on the complexity of the [[Vulnerability (computing)|vulnerability]].
'''Inter-protocol exploitation''' will be successful if the carrier [[protocol]] can encapsulate the [[Exploit (computer security)|exploit code]] which can take advantage of a target service. Also, there may be other preconditions depending on the complexity of the [[Vulnerability (computing)|vulnerability]].
==Current Implications==
==Current Implications==
One of the major points of concern is the potential for this attack vector to reach through [[firewalls]] and [[DMZ]]s. Inter-protocol exploits can be transmitted over [[HTTP]] and launched from [[web browsers]] on an internal [[subnet]]. An important point is the [[web browser]] is not exploited though any conventional means.
One of the major points of concern is the potential for this attack vector to reach through [[firewalls]] and [[DMZ]]s. [[Inter-protocol exploits]] can be transmitted over [[HTTP]] and launched from [[web browsers]] on an internal [[subnet]]. An important point is the [[web browser]] is not exploited though any conventional means.


==External==
==External==

Revision as of 09:08, 25 November 2007

Inter-protocol exploitation is a security vulnerability in the fundamentals of the communication protocols used in the Internet. It was discovered in 2007 and publicly announced in research[1] of the same year. Internet protocol implementations allow for the possibility of encapsulating exploit code to compromise a remote program which uses a different protocol. Inter-protocol exploitation is where one protocol attacks a service running a different protocol. This is a legacy problem because the specifications of the protocols did not take into consideration an attack of this type.

Technical Details

The two protocols involved in the vulnerability are the carrier and target. The carrier encapsulates the exploit code and the target protocol is used for communication by the intended victim service. Inter-protocol exploitation will be successful if the carrier protocol can encapsulate the exploit code which can take advantage of a target service. Also, there may be other preconditions depending on the complexity of the vulnerability.

Current Implications

One of the major points of concern is the potential for this attack vector to reach through firewalls and DMZs. Inter-protocol exploits can be transmitted over HTTP and launched from web browsers on an internal subnet. An important point is the web browser is not exploited though any conventional means.

External

http://www.theregister.co.uk/2007/06/27/wade_alcorn_metasploit_interview/

http://www.ngssoftware.com/research/papers/InterProtocolExploitation.pdf

  1. ^ "Inter-protocol Exploitation" (PDF). 2007-03-05. {{cite web}}: Cite has empty unknown parameter: |1= (help)
Retrieved from "https://en.wikipedia.org/enwiki/w/index.php?title=Inter-protocol_exploitation&oldid=173651900"