StandardDraft

CAPEC-494TCP Fragmentation

Abstraction
Standard
Status
Draft

Description

An adversary may execute a TCP Fragmentation attack against a target with the intention of avoiding filtering rules of network controls, by attempting to fragment the TCP packet such that the headers flag field is pushed into the second fragment which typically is not filtered. Metadata: standard CAPEC pattern, status draft. Underlying weaknesses: CWE-770, CWE-404. Related CAPEC pattern: [object Object].

Related weaknesses· 2

CWE-770CWE-404

Related attack patterns· 1

CAPEC-130 (ChildOf)

Exploits2

TypeTargetConfidenceTier
WeaknessAllocation of Resources Without Limits or Throttlingcwe-770100%live
WeaknessImproper Resource Shutdown or Releasecwe-404100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
ICMP Fragmentation
CAPEC
UDP Fragmentation
CAPEC
HTTP Request Splitting
CAPEC
HTTP Response Splitting
CAPEC
TCP Flood
CAPEC
Connection Reset
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.