Read Time:31 Second
Description
The software creates a communication channel to initiate an outgoing request to an actor, but it does not correctly specify the intended destination for that actor.
Modes of Introduction:
– Architecture and Design
Likelihood of Exploit:
Related Weaknesses
Consequences
Potential Mitigations
CVE References
- CVE-2013-5211
- composite: NTP feature generates large responses (high amplification factor) with spoofed UDP source addresses.
- CVE-1999-0513
- Classic “Smurf” attack, using spoofed ICMP packets to broadcast addresses.
- CVE-1999-1379
- DNS query with spoofed source address causes more traffic to be returned to spoofed address than was sent by the attacker.