Dark Mode

Settings

Capec-469 Detail

HTTP DoS

Standard Software Typical Severity: Low

Parents: 227

Threats: T61 T64 T77 T269 T289

Description

An attacker performs flooding at the HTTP level to bring down only a particular web application rather than anything listening on a TCP/IP connection. This denial of service attack requires substantially fewer packets to be sent which makes DoS harder to detect. This is an equivalent of SYN flood in HTTP. The idea is to keep the HTTP session alive indefinitely and then repeat that hundreds of times. This attack targets resource depletion weaknesses in web server software. The web server will wait to attacker's responses on the initiated HTTP sessions while the connection threads are being exhausted.

Not present

External ID Source Link Description
CAPEC-469 capec https://capec.mitre.org/data/definitions/469.html
CWE-770 cwe http://cwe.mitre.org/data/definitions/770.html
CWE-772 cwe http://cwe.mitre.org/data/definitions/772.html
T1499.002 ATTACK https://attack.mitre.org/wiki/Technique/T1499/002 Endpoint Denial of Service: Service Exhaustion Flood
REF-406 reference_from_CAPEC http://ha.ckers.org/blog/20090617/slowloris-http-dos/ Robert Hansen, Slowris HTTP DoS, 2009--06---17

Not present

  1. HTTP protocol is usedWeb server used is vulnerable to denial of service via HTTP flooding
  1. Ability to issues hundreds of HTTP requests

Not present

Not present

Not present

We use cookies to ensure you get the best experience on our website.