Sign In

Communications of the ACM

ACM TechNews

CPDoS Attack Can Poison CDNs to Deliver Error Pages Instead of Legitimate Sites


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
A representation of the CPDOS Web attack.

Researchers at the Technical University of Cologne in Germany discovered a new type of Web attack that can compromise content delivery networks into caching and then serving error pages instead of legitimate websites.

Credit: ZDnet

Researchers at the Technical University of Cologne (TH Koln) in Germany discovered a new type of Web attack that can compromise content delivery networks (CDNs) into caching and then serving error pages instead of legitimate websites.

The new attack, called CPDoS (Cache-Poisoned Denial-of-Service), has three variants, and has been described as practical in the real world.

CPDoS attacks are aimed to two aspects of the modern Internet: Web servers and content delivery networks.

First, an attacker connects to a website, which generates a new CDN entry. The attacker's request contains a malformed or oversized HTTP header, which the CDN allows to pass through to the legitimate site so it can be processed and generate a Web page for the CDN to cache. The oversized header causes a "400 Bad Request" error on the server, which is then cached on the CDN.

Other users accessing the site get the error page rather than the actual websites, and the cached errors spread to other nodes of the CDN's network.

From ZDNet 
View Full Article


 

No entries found