Abuse of the Service Location Protocol May Lead to DoS Attacks


The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated remote attacker to register arbitrary services. This could allow an attacker to use spoofed UDP traffic to conduct a denial-of-service (DoS) attack with a significant amplification factor.

Researchers from Bitsight and Curesec have discovered a way to abuse SLP—identified as CVE-2023-29552—to conduct high amplification factor DoS attacks using spoofed source addresses.

Read more…
Source: U.S. Cybersecurity and Infrastructure Security Agency