A new Zero-day distributed denial of service attack (DDoS) technique has been found in the wild that is able to amplify malicious traffic by as much as 55x. Ofer Maor, ‎Director of Security Strategy at Synopsys commented below.

Ofer Maor, ‎Director of Security Strategy at Synopsys:

ofer-maor “This vulnerability is another example of how developers often do not comprehend the security implications of implementation decisions they make for certain extreme cases. It appears that in this case, the response to an unintended exception results in returning substantial amounts of data. Naturally this can be used by attackers to make DDoS attacks more efficiently, by leveraging on resources available to the servers running the vulnerable LDAP service (i.e. the attacker only needs to use little bandwidth to make another machine attack its target with substantial more bandwidth used). As with many security vulnerabilities, attackers find ways to abuse a behavior which the developer that wrote this service, with insufficient security training and/or controls, did not perceive as a threat.”

Information Security Buzz