Dark Mode

Settings

Capec-310 Detail

Scanning for Vulnerable Software

Detailed Software Typical Severity: Low

Parents: 541

Threats: T60 T258 T273 T291 T302

Description

An attacker engages in scanning activity to find vulnerable software versions or types, such as operating system versions or network services. Vulnerable or exploitable network configurations, such as improperly firewalled systems, or misconfigured systems in the DMZ or external network, provide windows of opportunity for an attacker. Common types of vulnerable software include unpatched operating systems or services (e.g FTP, Telnet, SMTP, SNMP) running on open ports that the attacker has identified. Attackers usually begin probing for vulnerable software once the external network has been port scanned and potential targets have been revealed.

Not present

External ID Source Link Description
CAPEC-310 capec https://capec.mitre.org/data/definitions/310.html
CWE-200 cwe http://cwe.mitre.org/data/definitions/200.html
REF-33 reference_from_CAPEC Stuart McClure, Joel Scambray, George Kurtz, Hacking Exposed: Network Security Secrets & Solutions (6th Edition), 2009, McGraw Hill
REF-128 reference_from_CAPEC http://www.faqs.org/rfcs/rfc793.html Defense Advanced Research Projects Agency Information Processing Techniques Office, Information Sciences Institute University of Southern California, RFC793 - Transmission Control Protocol, 1981--09, Defense Advanced Research Projects Agency (DARPA)
REF-130 reference_from_CAPEC http://phrack.org/issues/51/11.html Gordon "Fyodor" Lyon, The Art of Port Scanning (Volume: 7, Issue. 51), Phrack Magazine, 1997

Not present

  1. Access to the network on which the targeted system resides.
  2. Software tools used to probe systems over a range of ports and protocols.
  1. Probing requires the ability to interactively send and receive data from a target, whereas passive listening requires a sufficient understanding of the protocol to analyze a preexisting channel of communication.
Medium
To probe a system remotely without detection requires careful planning and patience.
Authorization Access Control Confidentiality
Bypass Protection Mechanism Bypass Protection Mechanism Other
Hide Activities Hide Activities Bypass Protection Mechanism
Hide Activities

Not present

We use cookies to ensure you get the best experience on our website.