CWE-605 - Multiple Binds to the Same Port
CWE-605
- Abstraction:
- Variant
- Structure:
- Simple
- Status:
- Draft
- Weakness Name
Multiple Binds to the Same Port
- Description
When multiple sockets are allowed to bind to the same port, other services on that port may be stolen or spoofed.
On most systems, a combination of setting the SO_REUSEADDR socket option, and a call to bind() allows any process to bind to a port to which a previous process has bound with INADDR_ANY. This allows a user to bind to the specific address of a server bound to INADDR_ANY on an unprivileged port, and steal its UDP packets/TCP connection.
- Common Consequences
Scope: Confidentiality, Integrity
Impact: Read Application Data
Notes: Packets from a variety of network services may be stolen or the services spoofed.
- Related Weaknesses
- Release Date:
- 2007-05-07
- Latest Modification Date:
- 2023-10-26
Free security scan for your website