Classification of DoS vulnerabilities in web applications
22:49 29.11.2008
This is the English version of my article Classification of DoS vulnerabilities in web applications.
In my Security manual I described in detail the DoS vulnerabilities that often occur in modern web applications (and also in browsers). Exploitation of Denial of Service vulnerabilities in web applications can lead to server overload, up to its complete denial of service.
There are the following types of Denial of Service vulnerabilities:
1. Classic DoS.
- Full denial.
- Overload.
2. Recursive File Include.
3. Looped DoS.
Classic DoS.
Classic DoS vulnerabilities in web applications divide into full denial DoS and overload DoS.
In the case of full denial DoS, the vulnerability freezes the web server, so that it has to be restarted. Or it crashes a process, the web server (e.g. Apache) or the database (e.g. MySQL), so that the server itself continues to work but part of its functions becomes inaccessible (until the affected process is restarted). This type of DoS also includes attacks on web applications that change their settings (i.e. via access to the file system and changing of configuration files) and so completely stop their work.
In the case of overload DoS, the vulnerability leads to heavy overload of the web server. This happens during execution of resource-intensive operations (e.g. a request to the DB and output of the data) when there are no restrictions on the size of the operations, or when these restrictions are set by the user and are not checked (i.e. they can be arbitrarily manipulated). As a result, a user can knowingly or unintentionally send a heavy request for execution, which overloads the server.
Recursive File Include.
Recursive File Include vulnerabilities, which I wrote about earlier, are one of the new types of Denial of Service.
Recursive File Include is a Local File Include vulnerability that is used to conduct a DoS attack. I.e. it is local inclusion of files (scripts) that leads to a DoS attack through recursion, when the files are included infinitely (which overloads the server).
Looped DoS.
Looped DoS vulnerabilities are vulnerabilities in redirectors that lead to a looped redirect. This happens when a redirector sends the client (the user's browser) to itself, which leads to infinite redirection.
If a client that has visited this redirector at the site has no restrictions on redirection, it can keep requesting this web application for a long period of time (which will send it to itself all the time), which leads to server overload.
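A server-side check against the looped redirect described above, as an added example that is not code from the original article: before answering, the redirector refuses any target that resolves back to a redirector on its own site. The paths /redirect and /go, the url parameter and the host example.com are assumptions made for the illustration.

```python
import posixpath
import re
from urllib.parse import parse_qs, unquote, urljoin, urlsplit

# Assumptions for this example: every redirector script on the site, and the
# name of the query parameter that carries the redirect target.
REDIRECTOR_PATHS = {"/redirect", "/go"}
TARGET_PARAM = "url"


def _endpoint(url):
    """Return (host, path) of a URL, normalized so equivalent spellings match."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    path = re.sub(r"/+", "/", unquote(parts.path)) or "/"
    return host, posixpath.normpath(path)  # resolves "." and ".." segments


def points_to_redirector(request_url, target):
    """True if `target` would send the client back to a redirector on this site."""
    own_host, _ = _endpoint(request_url)
    # Resolve relative, empty and scheme-relative targets the way a browser would.
    host, path = _endpoint(urljoin(request_url, target))
    return host == own_host and path in REDIRECTOR_PATHS


def handle_redirect(request_url):
    """Return (status, location) for one request to the redirector."""
    target = parse_qs(urlsplit(request_url).query).get(TARGET_PARAM, [""])[0]
    if not target or points_to_redirector(request_url, target):
        return 400, None  # refuse instead of starting a redirect loop
    return 302, urljoin(request_url, target)


if __name__ == "__main__":
    # Constructed sample requests (example.com is a placeholder host).
    for url in (
        "http://example.com/redirect?url=/news/1",
        "http://example.com/redirect?url=/redirect%3Furl%3D/redirect",
        "http://example.com/redirect?url=//EXAMPLE.com/a/../go",
    ):
        print(handle_redirect(url), url)
```

The check covers loops through the site's own redirectors only; a loop that passes through a redirector on another site is not visible to it.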