exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 2 of 2 RSS Feed

CVE-2013-4450

Status Candidate

Overview

The HTTP server in Node.js 0.10.x before 0.10.21 and 0.8.x before 0.8.26 allows remote attackers to cause a denial of service (memory and CPU consumption) by sending a large number of pipelined requests without reading the response.

Related Files

Node.js HTTP Pipelining Denial of Service
Posted Aug 31, 2024
Authored by joev, titanous, Marek Majkowski | Site metasploit.com

This Metasploit module exploits a Denial of Service (DoS) condition in the HTTP parser of Node.js versions released before 0.10.21 and 0.8.26. The attack sends many pipelined HTTP requests on a single connection, which causes unbounded memory allocation when the client does not read the responses.

tags | exploit, web, denial of service
advisories | CVE-2013-4450
SHA-256 | 3c4090a80e405ae048f982af0147a29882b5e2144d973004c4f00f0a9a827a7b
Red Hat Security Advisory 2013-1842-01
Posted Dec 17, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1842-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. A denial of service flaw was found in the way Node.js handled pipelined HTTP requests. A remote attacker could use this flaw to send an excessive amount of HTTP requests over a network connection, causing Node.js to use an excessive amount of memory and possibly exit when all available memory is exhausted. Node.js is included in Red Hat Software Collections 1.0 as a Technology Preview.

tags | advisory, remote, web, denial of service, javascript
systems | linux, redhat
advisories | CVE-2013-4450
SHA-256 | 6cc658b52fc2d5fd70d630a89cba0152aa0d9dba36215c7daf88a66a5521cfcd
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close