Read Time:2 Minute, 54 Second
Description
The software allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.
Modes of Introduction:
– Architecture and Design
Likelihood of Exploit: High
Related Weaknesses
CWE-400
CWE-665
CWE-400
Consequences
Availability: DoS: Resource Consumption (CPU), DoS: Resource Consumption (Memory), DoS: Resource Consumption (Other)
When allocating resources without limits, an attacker could prevent other systems, applications, or processes from accessing the same type of resource.
Potential Mitigations
Phase: Requirements
Effectiveness:
Description:
Clearly specify the minimum and maximum expectations for capabilities, and dictate which behaviors are acceptable when resource allocation reaches limits.
Phase: Architecture and Design
Effectiveness:
Description:
Limit the amount of resources that are accessible to unprivileged users. Set per-user limits for resources. Allow the system administrator to define these limits. Be careful to avoid CWE-410.
Phase: Architecture and Design
Effectiveness:
Description:
Design throttling mechanisms into the system architecture. The best protection is to limit the amount of resources that an unauthorized user can cause to be expended. A strong authentication and access control model will help prevent such attacks from occurring in the first place, and it will help the administrator to identify who is committing the abuse. The login application should be protected against DoS attacks as much as possible. Limiting the database access, perhaps by caching result sets, can help minimize the resources expended. To further limit the potential for a DoS attack, consider tracking the rate of requests received from users and blocking requests that exceed a defined rate threshold.
Phase: Implementation
Effectiveness:
Description:
This will only be applicable to cases where user input can influence the size or frequency of resource allocations.
Phase: Architecture and Design
Effectiveness:
Description:
For any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.
Phase: Architecture and Design
Effectiveness:
Description:
Phase: Architecture and Design
Effectiveness:
Description:
Ensure that protocols have specific limits of scale placed on them.
Phase: Architecture and Design, Implementation
Effectiveness:
Description:
Phase: Operation, Architecture and Design
Effectiveness:
Description:
CVE References
- CVE-2009-4017
- Language interpreter does not restrict the number of temporary files being created when handling a MIME request with a large number of parts..
- CVE-2009-2726
- Driver does not use a maximum width when invoking sscanf style functions, causing stack consumption.
- CVE-2009-2540
- Large integer value for a length property in an object causes a large amount of memory allocation.
- CVE-2009-2054
- Product allows exhaustion of file descriptors when processing a large number of TCP packets.
- CVE-2008-5180
- Communication product allows memory consumption with a large number of SIP requests, which cause many sessions to be created.
- CVE-2008-1700
- Product allows attackers to cause a denial of service via a large number of directives, each of which opens a separate window.
- CVE-2005-4650
- CMS does not restrict the number of searches that can occur simultaneously, leading to resource exhaustion.
- CVE-2020-15100
- web application scanner attempts to read an excessively large file created by a user, causing process termination
