
Cache Proxy Vulnerability


Guest_imported


Hi everybody,

1. It looks like cache servers that cache HTTP traffic transparently have a very serious security vulnerability: malicious users can "induce" fake objects into them. It can be done by simply setting up a web server which responds with such faked objects to legitimate URLs, and then sending HTTP requests with this server's IP address and the legitimate URLs (which are not resolved by DNS to this server) from any client served by the attacked cache server. The attacked cache server would cache these faked objects, possibly forever, and then would return them in response to requests with the same URLs from other clients.

If I am in the wrong place with this message, please let me know.


Leo
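
A defensive check for the scenario in the post above, added here as an example and not part of the original thread: an intercepting cache only stores a response when the connection's original destination IP is one the cache itself resolves for the host named in the request. The function names, the decision labels and the sample DNS table are assumptions made for this sketch.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample data standing in for the proxy's own DNS lookups.
SAMPLE_DNS = {"www.example.com": ["192.0.2.10", "192.0.2.11"]}


def sample_resolver(host):
    """Hypothetical resolver; a real proxy would query its configured DNS."""
    return SAMPLE_DNS.get(host, [])


def request_host(raw_request):
    """Return the host an HTTP/1.1 request names, or None if ambiguous."""
    head = raw_request.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    lines = head.split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3:
        return None
    target = parts[1]
    if target.lower().startswith(("http://", "https://")):
        return urlsplit(target).hostname  # absolute URI overrides Host
    hosts = [l.split(":", 1)[1].strip() for l in lines[1:]
             if l.lower().startswith("host:")]
    if len(hosts) != 1:  # missing or duplicated Host header
        return None
    return urlsplit("//" + hosts[0]).hostname  # drops any :port


def cache_decision(raw_request, orig_dst_ip, resolve=sample_resolver):
    """Decide whether an intercepted response may enter the shared cache.

    "cache":    destination IP is one the proxy itself resolves for the host
    "no-cache": mismatch; relay to the client only, never store or share
    "reject":   the request does not name a single unambiguous host
    """
    host = request_host(raw_request)
    if host is None:
        return "reject"
    dst = ipaddress.ip_address(orig_dst_ip)
    try:
        trusted = {ipaddress.ip_address(host)}  # Host is an IP literal
    except ValueError:
        trusted = {ipaddress.ip_address(a) for a in resolve(host)}
    return "cache" if dst in trusted else "no-cache"
```

The check relies on the cache doing its own DNS lookup, so it is only as trustworthy as the resolver the cache uses.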

 
This is the place to put it.

May I ask where the information came from? I didn't catch a CERT advisory to that effect (I've been known to miss a few).

plain black box
"I'm all right now, Dave. Really, I am."
HAL, 2001 a Space Odyssey
 

It is just a theoretical analysis of HTTP 1.1. Do you think it is wrong?

Leo
 