Bleeping Computer

New CPDoS Web Cache Poisoning Attacks Impact Sites Using Popular CDNs

Details have emerged about a new class of web cache poisoning attacks that could be used to deny users access to resources delivered through a content delivery network (CDN). Named Cache-Poisoned ...
Dark Reading

CDN Cache Poisoning Allows DoS Attacks Against Cloud Apps

A Romanian vulnerability researcher has discovered more than 70 flaws in combinations of cloud applications and content delivery networks (CDNs) that could be used to poison the CDN caches and result ...
Threat Post

Vanilla Forums Open Source Software Vulnerable to RCE, Host Header Injection Vulnerability

Vanilla Forums open source software suffers from vulnerabilities that could let an attacker gain access to user accounts, carry out web-cache poisoning attacks, and in some instances, execute ...
Security Boulevard

When Proxies Become Attack Vectors Through Header Injection

This assumption breaks down because HTTP RFC flexibility allows different servers to interpret the same header field in fundamentally different ways, creating exploitable gaps that attackers are ...
Arabian Post

Pingora proxy flaws raise cache poisoning risks: Cloudflare

Security vulnerabilities discovered in the open-source Pingora framework have triggered renewed scrutiny of infrastructure software used to route vast volumes of internet traffic, after researchers ...
ZDNet

CPDoS attack can poison CDNs to deliver error pages instead of legitimate sites

Two academics from the Technical University of Cologne (TH Koln) have disclosed this week a new type of web attack that can poison content delivery networks (CDNs ...
Ars Technica

Cache poisoning vulnerabilities found in 2 DNS resolving apps

The makers of BIND, the Internet’s most widely used software for resolving domain names, are warning of two vulnerabilities that allow attackers to poison entire caches of results and send users to ...