Cache poisoning explained

Cache poisoning refers to a computer security vulnerability where invalid entries can be placed into a cache, which are then assumed to be valid when later used.[1] Two common varieties are DNS cache poisoning[2] and ARP cache poisoning. Web cache poisoning involves the poisoning of web caches[3] (which has led to security issues in programming languages, including all Python versions at the time in 2021, and expedited security updates[4]). Attacks on other, more specific, caches also exist.[5] [6] [7]

Notes and References

  1. Web site: CAPEC-141: Cache Poisoning. CAPEC. 2021-01-22. 2021-01-22. https://web.archive.org/web/20210122230525/https://capec.mitre.org/data/definitions/141.html. live.
  2. Wu . Hao . Dang . Xianglei . Wang . Lidong . He . Longtao . 2016 . Information fusion-based method for distributed domain name system cache poisoning attack detection and identification . IET Information Security . en . 10 . 1 . 37–44 . 10.1049/iet-ifs.2014.0386 . 45091791 . 1751-8717.
  3. Book: Nguyen . Hoai Viet . Iacono . Luigi Lo . Federrath . Hannes . Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security . Your Cache Has Fallen: Cache-Poisoned Denial-of-Service Attack . 6 November 2019 . 1915–1936 . 10.1145/3319535.3354215. 9781450367479 . 207958900 .
  4. Web site: CVE - CVE-2021-23336 . 2023-10-13 . cve.mitre.org.
  5. Book: Hensler . Christopher . Tague . Patrick . Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks . Using bluetooth low energy spoofing to dispute device details . 15 May 2019 . 340–342 . 10.1145/3317549.3326321. 9781450367264 . 160010874 .
  6. Book: Daswani . Neil . Garcia-Molina . Hector . Proceedings of the 11th ACM conference on Computer and communications security . Pong-cache poisoning in GUESS . 2004 . 98–109 . 10.1145/1030083.1030099. 1581139616 . 416914 .
  7. Wang . Dong . Dong . Wei Yu . Attacking Intel UEFI by Using Cache Poisoning . Journal of Physics: Conference Series . April 2019 . 1187 . 4 . 042072 . 10.1088/1742-6596/1187/4/042072 . 2019JPhCS1187d2072W . free .