Closed
Description
The above commit has resulted in the ability to spoof a victim address to public memcache servers around the world, resulting in a massive amount of data returned from the memcache service. (to the victim)
Simple example:
https://blog.cloudflare.com/content/images/2018/02/spoofing.png
These attacks appear to be ranging anywhere from 25Gbps to over 250Gbps.
This has been confirmed on the backlines by many providers, as well as publicly by Cloudflare, and Rapid7.
https://blog.cloudflare.com/memcrashed-major-amplification-attacks-from-port-11211
https://blog.rapid7.com/2018/02/27/the-flip-side-of-memcrashed/
Metadata
Metadata
Assignees
Labels
No labels