Detailedseverity: LowStable

CAPEC-294ICMP Address Mask Request

Abstraction
Detailed
Status
Stable
Severity
Low

Description

An adversary sends an ICMP Type 17 Address Mask Request to gather information about a target's networking configuration. ICMP Address Mask Requests are defined by RFC-950, "Internet Standard Subnetting Procedure." An Address Mask Request is an ICMP type 17 message that triggers a remote system to respond with a list of its related subnets, as well as its default gateway and broadcast address via an ICMP type 18 Address Mask Reply datagram. Gathering this type of information helps the adversary plan router-based attacks as well as denial-of-service attacks against the broadcast address.

Related weaknesses· 1

CWE-200

Related attack patterns· 1

CAPEC-292 (ChildOf)

Exploits1

TypeTargetConfidenceTier
WeaknessExposure of Sensitive Information to an Unauthorized Actorcwe-200100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
ICMP Information Request
CAPEC
ICMP Echo Request Ping
CAPEC
ICMP Flood
CAPEC
Traceroute Route Enumeration
CAPEC
ICMP IP Total Length Field Probe
CAPEC
Network Topology Mapping
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.