
CWE-287

Weakness ID: 287 (Weakness Class)

Status: Draft

Improper Authentication

Description

Description Summary

When a user claims a particular identity, the software does not adequately prove that the claim is correct.

Alternate Terms

authentification

In non-English-speaking regions, "authentification" is commonly used as an alternate term for authentication.

AuthC

"AuthC" is used as an abbreviation of "authentication" within the web application security community. It is used to distinguish it from "AuthZ", the abbreviation of "authorization". Because "Auth" on its own cannot be told apart as meaning either "authentication" or "authorization", the use of "Auth" alone is discouraged.

Time of Introduction

Architecture and Design
Implementation

Applicable Platforms

Languages

Language-Independent

Common Consequences

 

Scope | Effect
Integrity, Access Control | This weakness can expose resources or functionality to unintended users. Depending on the situation, an attacker may obtain sensitive information or even execute arbitrary code.

 

Likelihood of Exploit

Medium to High

Detection Methods

Automated Static Analysis
Automated static analysis tools can detect certain types of authentication, for example by analyzing configuration files such as .htaccess for the Apache HTTP Server, or by detecting the use of commonly used authentication libraries.

In general, automated static analysis tools have difficulty detecting custom authentication schemes.
Furthermore, the software's design may include functionality that is accessible to any user without identity verification.

Effectiveness: Limited

Manual Static Analysis
This weakness can be detected by combining manual analysis with penetration testing, threat modeling, and interactive testing tools that allow an active session to be recorded and modified.

Manual static analysis is useful for evaluating the correctness of custom authentication mechanisms.

Effectiveness: High
Manual analysis is more effective than fully automated techniques. It is especially useful when the weakness relates to design and business rules.

Demonstrative Examples

Example 1:

 

The following code is intended to ensure that the user is already logged in. If the user is not logged in, the code authenticates the user with the user-supplied username and password. On successful login it sets the cookies "loggedin" and "user" to "remember" that the user has already logged in. Finally, if the logged-in username recorded in the user cookie is "Administrator", the code performs administrator tasks.

Example Language: Perl (Bad Code)

use CGI;

my $q = new CGI;

if ($q->cookie('loggedin') ne "true") {
    if (! AuthenticateUser($q->param('username'), $q->param('password'))) {
        ExitError("Error: you need to log in first");
    }
    else {
        # Set loggedin and user cookies.
        $q->cookie(
            -name => 'loggedin',
            -value => 'true'
        );
        $q->cookie(
            -name => 'user',
            -value => $q->param('username')
        );
    }
}

if ($q->cookie('user') eq "Administrator") {
    DoAdministratorTasks();
}

Unfortunately, this code can be bypassed. The attacker can simply set the cookies so that the code never checks the username and password. The attacker does this with an HTTP request containing headers such as the following:

(Attack)
GET /cgi-bin/vulnerable.cgi HTTP/1.1
Cookie: user=Administrator
Cookie: loggedin=true

[body of request]

By setting the value of the loggedin cookie to "true", the attacker bypasses the entire authentication check. By setting the username in the cookie to "Administrator", the attacker also obtains the software's administrator privileges.
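The bypass above works because the only record of "who is logged in" lives in cookies the client writes. The following added Python example (not the page's Perl script and not CWE's own code) models the page's logic as vulnerable_handler() and places beside it hardened_handler(), which keeps identity in a server-side session table and gives the client nothing but an unguessable session id. The user store, the session table and the dict-based request model are constructed for this example.

```python
import hmac
import secrets

# Hypothetical user store, constructed for this example (a real system keeps
# salted password hashes, not plaintext).
USERS = {"Administrator": "correct horse battery staple", "alice": "alice-pw"}

# Server-side session table: session id -> username. The client only ever
# holds the id, never the username or a "logged in" flag.
SESSIONS = {}


def authenticate_user(username, password):
    """Stand-in for the page's AuthenticateUser(): constant-time compare."""
    expected = USERS.get(username)
    if expected is None:
        return False
    return hmac.compare_digest(expected.encode(), password.encode())


def vulnerable_handler(cookies, params):
    """Mirrors the page's Perl logic. 'cookies' and 'params' are dicts standing
    in for the CGI request; the return value names the code path taken
    ('admin' stands for DoAdministratorTasks())."""
    if cookies.get("loggedin") != "true":
        if not authenticate_user(params.get("username", ""), params.get("password", "")):
            return "error: you need to log in first"
        cookies["loggedin"] = "true"          # client-controlled state
        cookies["user"] = params["username"]  # client-controlled state
    if cookies.get("user") == "Administrator":
        return "admin"
    return "user"


def login(username, password):
    """Create a server-side session. Returns the session id, or None."""
    if not authenticate_user(username, password):
        return None
    sid = secrets.token_urlsafe(32)  # 256-bit random id, not guessable
    SESSIONS[sid] = username
    return sid


def hardened_handler(cookies, params):
    """Same flow, but identity is looked up from SESSIONS by session id.
    Cookies named 'user' or 'loggedin' are simply ignored."""
    username = SESSIONS.get(cookies.get("session"))
    if username is None:
        sid = login(params.get("username", ""), params.get("password", ""))
        if sid is None:
            return "error: you need to log in first"
        cookies["session"] = sid
        username = SESSIONS[sid]
    if username == "Administrator":
        return "admin"
    return "user"
```

With the forged request from the page (Cookie: user=Administrator, Cookie: loggedin=true) vulnerable_handler() runs the administrator path, while hardened_handler() falls through to a credential check that fails. The session id should be sent as a Secure, HttpOnly cookie; a signed (HMAC) cookie is an alternative to a server-side table, but in both designs the server, not the client, decides which username a request belongs to.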

 

Example 2:

In January 2009, an attacker was able to gain administrator access to a Twitter server. This was possible because the Twitter server did not limit the number of login attempts. The attacker targeted a member of Twitter's support team and succeeded in guessing that member's password with a brute-force attack using a large number of common words. Having gained access as the support member, the attacker used the administrator panel to take over 33 accounts belonging to celebrities and politicians, and sent fake Twitter messages impersonating the compromised users.

Reference:
Kim Zetter. "Weak Password Brings 'Happiness' to Twitter Hacker". 2009-01-09.
<http://www.wired.com/threatlevel/2009/01/professed-twitt/>.
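The control missing in the Twitter incident is a limit on failed login attempts. The following added Python example (not from the page, CWE or Twitter) implements a per-account lockout: after a fixed number of consecutive failures the account is refused for a window, so a guess loop over common words stalls after the first few tries. The credential store, the thresholds and the word list are constructed for the example; the clock is injectable so the lockout window can be tested without waiting.

```python
import hmac
import time
from collections import defaultdict

# Hypothetical credential store, constructed for this example. A real system
# keeps salted password hashes rather than plaintext.
USERS = {"support-staff": "s3cret-word"}

# Constructed guess list: common words with the real password placed last, so a
# throttle that locks after 5 failures stops the loop before it gets there.
COMMON_WORDS = ["password", "123456", "letmein", "qwerty", "welcome",
                "happiness", "s3cret-word"]


class LoginThrottle:
    """Per-account lockout: too many consecutive failures lock the account for
    lockout_seconds, during which even the correct password is refused."""

    def __init__(self, max_failures=5, lockout_seconds=900, clock=time.monotonic):
        self.max_failures = max_failures
        self.lockout_seconds = lockout_seconds
        self.clock = clock                  # injectable so tests can move time
        self.failures = defaultdict(int)    # username -> consecutive failures
        self.locked_until = {}              # username -> monotonic unlock time

    def is_locked(self, username):
        until = self.locked_until.get(username)
        if until is None:
            return False
        if self.clock() >= until:
            # Lockout window has expired: clear the lock and the counter.
            del self.locked_until[username]
            self.failures[username] = 0
            return False
        return True

    def attempt(self, username, password):
        """Return 'ok', 'denied' or 'locked'. A locked account is refused
        before the password is checked, so the lock cannot be probed."""
        if self.is_locked(username):
            return "locked"
        expected = USERS.get(username, "")
        if expected and hmac.compare_digest(expected, password):
            self.failures[username] = 0
            return "ok"
        self.failures[username] += 1
        if self.failures[username] >= self.max_failures:
            self.locked_until[username] = self.clock() + self.lockout_seconds
            return "locked"
        return "denied"


def simulate_guessing(throttle, username, wordlist):
    """Run a word list through the throttle as a test of the control.
    Returns the word that logged in, or None if the throttle stopped it."""
    for word in wordlist:
        if throttle.attempt(username, word) == "ok":
            return word
    return None
```

With the default threshold of 5 the guess loop never reaches the correct word; with the threshold effectively removed it succeeds on the last entry, which is the behaviour the Twitter server showed. In practice the per-account counter is paired with per-source rate limiting and with a response that does not reveal whether the username exists, so that lockout itself cannot be used to enumerate accounts or to deny service to legitimate users.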

Observed Examples

 

Reference | Description
CVE-2009-3421 login script for guestbook allows bypassing authentication by setting a "login_ok" parameter to 1.
CVE-2009-2382 admin script allows authentication bypass by setting a cookie value to "LOGGEDIN".
CVE-2009-1048 VOIP product allows authentication bypass using 127.0.0.1 in the Host header.
CVE-2009-2213 product uses default "Allow" action, instead of default deny, leading to authentication bypass.
CVE-2009-2168 chain: redirect without exit (CWE-698) leads to resultant authentication bypass.
CVE-2009-3107 product does not restrict access to a listening port for a critical service, allowing authentication to be bypassed.
CVE-2009-1596 product does not properly implement a security-related configuration setting, allowing authentication bypass.
CVE-2009-2422 authentication routine returns "nil" instead of "false" in some situations, allowing authentication bypass using an invalid username.
CVE-2009-3232 authentication update script does not properly handle when admin does not select any authentication modules, allowing authentication bypass.
CVE-2009-3231 use of LDAP authentication with anonymous binds causes empty password to result in successful authentication.
CVE-2005-3435 product authentication succeeds if user-provided MD5 hash matches the hash in its database; this can be subjected to replay attacks.
CVE-2005-0408 chain: product generates predictable MD5 hashes using a constant value combined with username, allowing authentication bypass.

 

Potential Mitigations

Phase: Architecture and Design

Strategy: Libraries or Frameworks
Use an authentication framework or library such as the OWASP ESAPI Authentication feature.

Relationships

 

Nature | Type | ID | Name | View(s) this relationship pertains to
ChildOf | Category | 254 | Security Features | Development Concepts (primary) 699
ChildOf | Weakness Class | 693 | Protection Mechanism Failure | Research Concepts (primary) 1000
ChildOf | Category | 718 | OWASP Top Ten 2007 Category A7 - Broken Authentication and Session Management | Weaknesses in OWASP Top Ten (2007) (primary) 629
ChildOf | Category | 724 | OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management | Weaknesses in OWASP Top Ten (2004) (primary) 711
ChildOf | Category | 812 | OWASP Top Ten 2010 Category A3 - Broken Authentication and Session Management | Weaknesses in OWASP Top Ten (2010) (primary) 809
ParentOf | Weakness Class | 300 | Channel Accessible by Non-Endpoint ('Man-in-the-Middle') | Development Concepts (primary) 699; Research Concepts (primary) 1000
ParentOf | Weakness Variant | 301 | Reflection Attack in an Authentication Protocol | Development Concepts (primary) 699; Research Concepts (primary) 1000
ParentOf | Weakness Base | 303 | Incorrect Implementation of Authentication Algorithm | Development Concepts (primary) 699; Research Concepts (primary) 1000
ParentOf | Weakness Base | 304 | Missing Critical Step in Authentication | Development Concepts (primary) 699
ParentOf | Weakness Variant | 306 | Missing Authentication for Critical Function | Development Concepts (primary) 699; Research Concepts (primary) 1000
ParentOf | Weakness Base | 307 | Improper Restriction of Excessive Authentication Attempts | Development Concepts (primary) 699; Research Concepts (primary) 1000
ParentOf | Weakness Base | 308 | Use of Single-factor Authentication | Development Concepts (primary) 699; Research Concepts (primary) 1000
ParentOf | Weakness Base | 309 | Use of Password System for Primary Authentication | Development Concepts (primary) 699; Research Concepts (primary) 1000
ParentOf | Weakness Base | 322 | Key Exchange without Entity Authentication | Research Concepts (primary) 1000
ParentOf | Compound Element: Composite | 384 | Session Fixation | Development Concepts 699; Research Concepts (primary) 1000
ParentOf | Weakness Class | 592 | Authentication Bypass Issues | Development Concepts (primary) 699; Research Concepts (primary) 1000
ParentOf | Weakness Base | 603 | Use of Client-Side Authentication | Development Concepts (primary) 699; Research Concepts 1000
ParentOf | Weakness Base | 645 | Overly Restrictive Account Lockout Mechanism | Development Concepts (primary) 699; Research Concepts (primary) 1000
ParentOf | Weakness Base | 798 | Use of Hard-coded Credentials | Research Concepts (primary) 1000
ParentOf | Weakness Base | 804 | Guessable CAPTCHA | Development Concepts 699; Research Concepts 1000
MemberOf | View | 635 | Weaknesses Used by NVD | Weaknesses Used by NVD (primary) 635
CanFollow | Weakness Base | 304 | Missing Critical Step in Authentication | Research Concepts 1000
CanFollow | Weakness Base | 613 | Insufficient Session Expiration | Development Concepts 699; Research Concepts 1000

 

Relationship Notes

This weakness can occur as a result of SQL injection or other vulnerabilities.

Taxonomy Mappings

 

Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name
PLOVER | | | Authentication Error
OWASP Top Ten 2007 | A7 | CWE More Specific | Broken Authentication and Session Management
OWASP Top Ten 2004 | A3 | CWE More Specific | Broken Authentication and Session Management
WASC | 1 | | Insufficient Authentication

 

Related Attack Patterns

 

CAPEC-ID | Attack Pattern Name (CAPEC Version 1.5)
22 | Exploiting Trust in Client (aka Make the Client Invisible)
94 | Man in the Middle Attack
57 | Utilizing REST's Trust in the System Resource to Register Man in the Middle
114 | Authentication Abuse

 

References

OWASP. "Top 10 2007-Broken Authentication and Session Management". <http://www.owasp.org/index.php/Top_10_2007-A7>.
OWASP. "Guide to Authentication". <http://www.owasp.org/index.php/Guide_to_Authentication>.
Microsoft. "Authentication". <http://msdn.microsoft.com/en-us/library/aa374735(VS.85).aspx>.
[REF-11] M. Howard and D. LeBlanc. "Writing Secure Code". Chapter 4, "Authentication", Page 109. 2nd Edition. Microsoft. 2002.

Update History

[2011-04-21]
  Updated based on data as of 2010-10-12.
[2009-06-29]
  Created based on the following URL as of 2009-02-02:
    http://cwe.mitre.org/data/definitions/287.html


Registered: 2011/04/21

Last updated: 2023/04/04

