Marcus Hutchins :verified: on Nostr: One of the weird use cases for the CUPS vulnerability that didn't get much attention ...
One of the weird use cases for the CUPS vulnerability that didn't get much attention is that it can be used to initiate a persistent DDoS attack (essentially infinite DDoS amplification).
There's a couple of scenarios whereby sending a single UDP packet to a vulnerable host will trigger it to send endless HTTP requests at fairly high frequency to a target of the attacker's choosing.
It's unclear what the maximum request throughput would be, but since the attacker only needs 1 packet per host to trigger it, it's very different from a standard DDoS amplification attack.
Akamai discussed it a bit here, but thankfully didn't disclose too many details:
https://www.akamai.com/blog/security-research/october-cups-ddos-threat