CAPEC-496: ICMP Fragmentation

An attacker may execute a ICMP Fragmentation attack against a target with the intention of consuming resources or causing a crash. The attacker crafts a large number of identical fragmented IP packets containing a portion of a fragmented ICMP message. The attacker these sends these messages to a target host which causes the host to become non-responsive. Another vector may be sending a fragmented ICMP message to a target host with incorrect sizes in the header which causes the host to hang.

Not rated

Typical severity

Per MITRE

Not rated

Likelihood of attack

Per MITRE

Related weaknesses

CWEs this targets

Standard

Abstraction

MITRE classification

Overview

CAPEC-496 (ICMP Fragmentation) is a standard-level attack pattern catalogued by MITRE in the Common Attack Pattern Enumeration and Classification (CAPEC). It describes a recurring method attackers use to exploit software weaknesses.

CAPEC-496: ICMP Fragmentation

Overview

What the attacker needs

Prerequisites

How to mitigate it

Frequently asked questions

What is CAPEC-496?

How do you prevent CAPEC-496?

What weaknesses does CAPEC-496 target?

References

Defend against CAPEC-496

Overview

What the attacker needs

Prerequisites

How to mitigate it

Related weaknesses

Related attack patterns

Parent

Frequently asked questions

What is CAPEC-496?

How do you prevent CAPEC-496?

What weaknesses does CAPEC-496 target?

References

Defend against CAPEC-496