This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Cache Poisoning

From OWASP
Revision as of 06:52, 17 November 2006 by Pshanks (talk | contribs) (Description)

Jump to: navigation, search
This is an Attack. To view all attacks, please see the Attack Category page.
This article includes content generously donated to OWASP by MicroFocus Logo.png

Description

The impact of a maliciously constructed response can be magnified if it is cached either by a web cache used by multiple users or even the browser cache of a single user. If a response is cached in a shared web cache, such as those commonly found in proxy servers, then all users of that cache will continue receive the malicious content until the cache entry is purged. Similarly, if the response is cached in the browser of an individual user, then that user will continue to receive the malicious content until the cache entry is purged, although only the user of the local browser instance will be affected.

Examples

Related Threats

Related Attacks

HTTP Response Splitting

Related Vulnerabilities

Category:Input Validation Vulnerability

Related Countermeasures

Category:Input Validation

Categories

Retrieved from "https://wiki.owasp.org/index.php?title=Cache_Poisoning&oldid=13172"