{"vuid":"VU#938151","idnumber":"938151","name":"Forwarding Loop Attacks in Content Delivery Networks may result in denial of service","keywords":["cdn","dos","resource exhaustion","CWE-400"],"overview":"Content Delivery Networks (CDNs) may in some scenarios be manipulated into a forwarding loop, which consumes server resources and causes a denial of service (DoS) on the network.","clean_desc":"CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion') Content Delivery Networks (CDNs) are used to improve website performance and scalability by connecting a user to a geographically nearby server for content. CDNs typically operate in two modes: a \"push\" mode, in which a user uploads content to the CDN for later distribution, or a \"pull\" mode, in which the CDN effectively acts as a reverse proxy that fetches content from a configured origin on demand. In some scenarios, a malicious user can manipulate \"pull mode\" forwarding so that requests are forwarded in a loop within a CDN, or between cooperating CDNs. This effectively launches a denial of service (DoS) attack against the CDN by consuming large amounts of resources. More information is provided in the researchers' conference paper.","impact":"A remote attacker may be able to create a denial of service condition in CDNs, preventing access to hosted content.","resolution":"The researchers and CERT have reached out to known affected CDNs to inform them of this attack. CDNs are implementing their own counter-measures to this attack. If you are an employee of a CDN, the CERT/CC encourages you to review the researchers' conference paper to determine if your CDN may be impacted.","workarounds":"","sysaffected":"","thanks":"Thanks to Jianjun Chen and Jian Jiang for reporting this vulnerability.","author":"This document was written by Garret Wassermann.","public":["https://www.internetsociety.org/sites/default/files/blogs-media/forwarding-loop-attacks-content-delivery-networks.pdf"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2015-12-08T21:10:18Z","publicdate":"2016-02-24T00:00:00Z","datefirstpublished":"2016-02-29T18:17:34Z","dateupdated":"2016-03-04T19:35:43Z","revision":33,"vrda_d1_directreport":"1","vrda_d1_population":"3","vrda_d1_impact":"3","cam_widelyknown":"0","cam_exploitation":"0","cam_internetinfrastructure":"0","cam_population":"0","cam_impact":"0","cam_easeofexploitation":"0","cam_attackeraccessrequired":"0","cam_scorecurrent":"0","cam_scorecurrentwidelyknown":"0","cam_scorecurrentwidelyknownexploited":"0","ipprotocol":"","cvss_accessvector":"N","cvss_accesscomplexity":"M","cvss_authentication":null,"cvss_confidentialityimpact":"N","cvss_integrityimpact":"N","cvss_availabilityimpact":"C","cvss_exploitablity":null,"cvss_remediationlevel":"U","cvss_reportconfidence":"UR","cvss_collateraldamagepotential":"ND","cvss_targetdistribution":"M","cvss_securityrequirementscr":"ND","cvss_securityrequirementsir":"ND","cvss_securityrequirementsar":"ND","cvss_basescore":"7.1","cvss_basevector":"AV:N/AC:M/Au:N/C:N/I:N/A:C","cvss_temporalscore":"6.1","cvss_environmentalscore":"4.5683078868","cvss_environmentalvector":"CDP:ND/TD:M/CR:ND/IR:ND/AR:ND","metric":0.0,"vulnote":null}
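The pull-mode loop the note describes, as an added simulation that is not part of the CERT/CC record or the researchers' paper: two CDN edges, each configured (by the attacker, as a customer of both) to treat the other as the origin for the same hostname. The naive forwarder keeps forwarding until a fleet-wide resource budget is gone; the hardened forwarder records each hop in a Via-style header and answers 508 when it sees itself again or exceeds a hop limit. Node names, the hostname, the header name and the hop limit are assumptions for the example.

```python
"""Simulated pull-mode CDN forwarding loop and a Via-based loop check.

Constructed example for VU#938151; it is not CERT/CC's or the researchers'
code, and the node names, header name and hop limit are assumptions.
Each Node is a CDN edge in pull mode: it looks up the origin configured
for the requested Host and forwards the request there. An attacker who
registers the same hostname at two CDNs and points each CDN's origin at
the other turns every request for that host into a loop between them.
"""
from dataclasses import dataclass, field

MAX_HOPS = 8  # per-request hop budget the hardened node enforces (assumed)
HOST = "victim.example"  # constructed hostname


@dataclass
class Node:
    name: str
    origins: dict = field(default_factory=dict)  # Host -> Node or origin URL
    forwarded: int = 0  # requests handled, a proxy for consumed resources


class ResourceExhausted(Exception):
    pass


def naive_forward(node, host, budget):
    """Pull-mode forwarding with no loop check. 'budget' stands for the
    fleet-wide connections/threads available; a loop burns through it."""
    hops = 0
    while True:
        if hops >= budget:
            raise ResourceExhausted(f"{hops} hops without reaching an origin")
        node.forwarded += 1
        hops += 1
        target = node.origins[host]
        if not isinstance(target, Node):
            return 200, target  # reached a real origin
        node = target


def hardened_forward(node, host, headers):
    """Same forwarding, but each hop appends its identity to Via and
    refuses a request that already names it or has exceeded MAX_HOPS."""
    headers = dict(headers)
    while True:
        via = [v.strip() for v in headers.get("Via", "").split(",") if v.strip()]
        if node.name in via:
            return 508, f"{node.name}: loop detected, Via={via}"
        if len(via) >= MAX_HOPS:
            return 508, f"{node.name}: hop limit {MAX_HOPS} exceeded"
        node.forwarded += 1
        headers["Via"] = ", ".join(via + [node.name])
        target = node.origins[host]
        if not isinstance(target, Node):
            return 200, target
        node = target


def build_loop():
    """Two CDNs whose configured origins for HOST point at each other."""
    a, b = Node("cdn-a"), Node("cdn-b")
    a.origins[HOST] = b
    b.origins[HOST] = a
    return a, b


def run_naive(budget=500):
    """Returns how many forwards the two CDNs performed before exhaustion."""
    a, b = build_loop()
    try:
        naive_forward(a, HOST, budget)
    except ResourceExhausted:
        return a.forwarded + b.forwarded
    return -1  # unreachable in the looping configuration


def run_hardened():
    """Returns (status, forwards performed) for the same looping setup."""
    a, b = build_loop()
    status, _ = hardened_forward(a, HOST, {})
    return status, a.forwarded + b.forwarded


def run_legitimate():
    """Control case: a -> b -> real origin must still succeed."""
    a, b = Node("cdn-a"), Node("cdn-b")
    a.origins[HOST] = b
    b.origins[HOST] = "https://origin.example/"  # constructed origin
    return hardened_forward(a, HOST, {})


if __name__ == "__main__":
    print("naive forwards before exhaustion:", run_naive())
    print("hardened:", run_hardened())
    print("legitimate chain:", run_legitimate())
```

The check only works if every hop preserves and honours the header; a hop that strips or rewrites Via resets the count, which is why the note treats counter-measures as a per-CDN matter rather than something one operator can enforce alone.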