Differences between 1.3 and 1.3.1 Content
This new release includes minor improvements and refinements to existing CAPEC content as well as a few additions, primary highlights of which include: clean-up of content accuracy, clarity and consistency across a limited set of the existing content; updated and refined mapping of attack patterns to relevant entries in the Common Weakness Enumeration (CWE™) specifically targeted at adding better mapping to the CWE/SANS Top 25 list; addition of 26 newly authored attack pattern stubs consisting of an assigned CAPEC-ID number and a minimal set of pattern content (Description, Attack_Prerequisites, Typical_Severity, Resources_Required) to enable identification and discrimination of each pattern that include 17 from the existing CAPEC Attack Taxonomy as well as 9 more dealing with Software Integrity Attacks; minor modification of both the CAPEC content schema (v1.8.1) and the CAPEC taxonomy schema (v1.1.1); and, clean-up, refinement and additions to the CAPEC Attack Taxonomy including some reorganization and the addition of a new top-level entry "Analytic Attacks."
The new patterns for this version are listed below.
New attack pattern stubs:
CAPEC-184 - Software Integrity Attacks
CAPEC-185 - Malicious Software Download
CAPEC-186 - Malicious Software Update
CAPEC-187 - Malicious Automated Software Update
CAPEC-188 - Reverse Engineering
CAPEC-189 - Software Reverse Engineering
CAPEC-190 - Reverse Engineer an Executable to Expose Assumed Hidden Functionality or Content
CAPEC-191 - Read Sensitive Stings Within an Executable
CAPEC-192 - Protocol Reverse Engineering
CAPEC-193 - PHP Remote File Inclusion
CAPEC-194 - Fake the Source of Data
CAPEC-195 - Principal Spoofing
CAPEC-196 - Session Credential Falsification through Forging
CAPEC-197 - XEE (XML Entity Expansion)
CAPEC-198 - Cross-Site Scripting in Error Pages
CAPEC-199 - Cross-Site Scripting Using Alternate Syntax
CAPEC-200 - Removal of filters: Input filters, output filters, data masking
CAPEC-201 - External Entity Attack
CAPEC-202 - Create Malicious Client
CAPEC-203 - Manipulate Application Registry Values
CAPEC-204 - Lifting cached, sensitive data embedded in client distributions (thick or thin)
CAPEC-205 - Lifting credential(s)/key material embedded in client distributions (thick or thin)
CAPEC-206 - Lifting signing key and signing malicious code from a production environment
CAPEC-207 - Removing Important Functionality from the Client
CAPEC-208 - Removing/short-circuiting 'Purse' logic: removing/mutating 'cash' decrements
CAPEC-209 - Cross-Site Scripting Using MIME Type Mismatch
More information is available — Please select a different filter.
|