Revision as of 00:02, 23 January 2021 edit Pokechu22 (talk \| contribs) Extended confirmed users 6,556 edits redlink for web cache poisoning ← Previous edit		Revision as of 09:01, 23 January 2021 edit undo Joe Roe (talk \| contribs) Checkusers, Administrators 38,928 edits Expanded link text for context Next edit →
Line 1: '''Cache poisoning''' refers to a [[vulnerability (computing)\|computer security vulnerability]] where invalid entries can be placed into a [[cache (computing)\|cache]], which are then assumed to be valid when later used.<ref>{{cite web\|url=https://capec.mitre.org/data/definitions/141.html\|title=CAPEC-141: Cache Poisoning\|publisher=[[Common Attack Pattern Enumeration and Classification\|CAPEC]]\|access-date=2021-01-22\|archive-date=2021-01-22\|archive-url=https://web.archive.org/web/20210122230525/https://capec.mitre.org/data/definitions/141.html\|url-status=live}}</ref> Two common varieties are [[DNS cache poisoning]] and [[ARP cache poisoning]]. {{ill\|Web cache poisoning\|cs\|Cache poisoning}} involves the poisoning of [[web cache]]s.<ref>{{cite journal \|last1=Nguyen \|first1=Hoai Viet \|last2=Iacono \|first2=Luigi Lo \|last3=Federrath \|first3=Hannes \|title=Your Cache Has Fallen: Cache-Poisoned Denial-of-Service Attack \|journal=Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security \|date=6 November 2019 \|pages=1915–1936 \|doi=10.1145/3319535.3354215}}</ref> Attacks on other other, more specific, caches also exist.<ref>{{cite journal \|last1=Hensler \|first1=Christopher \|last2=Tague \|first2=Patrick \|title=Using bluetooth low energy spoofing to dispute device details: demo \|journal=Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks \|date=15 May 2019 \|pages=340–342 \|doi=10.1145/3317549.3326321}}</ref><ref>{{cite journal \|last1=Daswani \|first1=Neil \|last2=Garcia-Molina \|first2=Hector \|title=Pong-cache poisoning in GUESS \|journal=Proceedings of the 11th ACM conference on Computer and communications security - CCS '04 \|date=2004 \|pages=98 \|doi=10.1145/1030083.1030099}}</ref><ref>{{cite journal \|last1=Wang \|first1=Dong \|last2=Dong \|first2=Wei Yu \|title=Attacking Intel UEFI by Using Cache Poisoning \|journal=Journal of Physics: Conference Series \|date=April 2019 \|volume=1187 \|issue=4 \|pages=042072 \|doi=10.1088/1742-6596/1187/4/042072 \|url=https://iopscience.iop.org/article/10.1088/1742-6596/1187/4/042072 \|doi-access=free \|access-date=2021-01-22 \|archive-date=2020-02-16 \|archive-url=https://web.archive.org/web/20200216175457/https://iopscience.iop.org/article/10.1088/1742-6596/1187/4/042072 \|url-status=live }}</ref> == References ==

Cache poisoning: Difference between revisions