Server resource exhaustion attack with dynamic allocation
huitema opened this issue · comments
With dynamic allocation, the server obtains a new server ID each time it receives a packet with an unknown CID, if the CID passes some minimal checks. This can be easily exploited if an adversary can direct packets to individual servers. Each acceptable CID in incoming packet will be added to the table of server ID, either table pollution, resource exhaustion, or exclusion of valid values.
Thanks for filing this issue. #101 is in this space as well.
closed by #104