|Name ||Cache Poisoning |
|Summary ||An attacker exploits the functionality of cache technologies to cause specific data to be cached that aids the attackers' objectives. This describes any attack whereby an attacker places incorrect or harmful material in cache. The targeted cache can be an application's cache (e.g. a web browser cache) or a public cache (e.g. a DNS or ARP cache). Until the cache is refreshed, most applications or clients will treat the corrupted cache value as valid. This can lead to a wide range of exploits including redirecting web browsers towards sites that install malware and repeatedly incorrect calculations based on the incorrect value. |
|Prerequisites ||The attacker must be able to modify the value stored in a cache to match a desired value.
The targeted application must not be able to detect the illicit modification of the cache and must trust the cache value in its calculations. |
|Solutions ||Configuration: Disable client side caching.
Implementation: Listens for query replies on a network, and sends a notification via email when an entry changes. |
|CWE ID ||Description |
|CWE-345 ||Insufficient Verification of Data Authenticity |
|CWE-346 ||Origin Validation Error |
|CWE-348 ||Use of Less Trusted Source |
|CWE-349 ||Acceptance of Extraneous Untrusted Data With Trusted Data |
|CWE-441 ||Unintended Proxy or Intermediary ('Confused Deputy') |