CVE-2022-39158
A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2100NC, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M2200NC, RUGGEDCOM M969...
PT-2022-24782 · Siemens · Ruggedcom M2100 +62
Name of the Vulnerable Software and Affected Versions: Affected software and affected versions not specified. Description: The issue is related to the improper handling of partial HTTP requests, making devices susceptible to slowloris attacks. This could...
IBM Sterling Partner Engagement Manager security vulnerability
IBM Sterling Partner Engagement Manager is an automated management tool from IBM USA. A security vulnerability in IBM Sterling Partner Engagement Manager versions 6.1, 6.2, and Cloud 22.2 can be exploited by an attacker to perform a Slowloris attack, a denial-of-service (DoS) attack against a...
UBUNTU-CVE-2022-30591
DISPUTED: quic-go through 0.27.0 allows remote attackers to cause a denial of service (CPU consumption) via a Slowloris variant in which incomplete QUIC or HTTP/3 requests are sent. This occurs because mtudiscoverer.go misparses the MTU Discovery service and consequently overflows the probe timer...
PT-2022-20194 · Quic-Go +1 · Quic-Go +1
Name of the Vulnerable Software and Affected Versions: quic-go versions through 0.27.0. Description: The issue allows remote attackers to cause a denial of service (CPU consumption) via a Slowloris variant in which incomplete QUIC or HTTP/3 requests are sent. This occurs because mtudiscoverer.go...
GHSA-F2WR-C4C4-XJG7 Apache Traffic Control vulnerable to Slowloris-style Denial of Service attack
The Traffic Router component of the incubating Apache Traffic Control project is vulnerable to a Slowloris style Denial of Service attack. TCP connections made on the configured DNS port will remain in the ESTABLISHED state until the client explicitly closes the connection or Traffic Router is...
CVE-2022-22354
IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.2 and IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 do not limit the length of a connection which could allow for a Slowloris HTTP denial of service attack to take place. This can cause the Admin Console to become unresponsive. IBM...
UBUNTU-CVE-2021-3909
OctoRPKI does not limit the length of a connection, allowing for a slowloris DOS attack to take place which makes OctoRPKI wait forever. Specifically, the repository that OctoRPKI sends HTTP requests to will keep the connection open for a day before a response is returned, but does keep drip...
Infinite open connection causes OctoRPKI to hang forever
OctoRPKI (github.com/cloudflare/cfrpki/cmd/octorpki) does not limit the length of a connection, allowing for a slowloris DOS attack to take place which makes OctoRPKI wait forever. Specifically, the repository that OctoRPKI sends HTTP requests to will keep the connection open for a day before a...
PT-2021-22374 · Octorpki +1 · Octorpki +1
Name of the Vulnerable Software and Affected Versions: OctoRPKI, affected versions not specified. Description: The issue allows for a slowloris DOS attack to take place, making OctoRPKI wait forever. This occurs because OctoRPKI does not limit the length of a connection. Specifically, the repositor...
CVE-2020-5933
On versions 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, when a BIG-IP system that has a virtual server configured with an HTTP compression profile processes compressed HTTP message payloads that require deflation, a Slowloris-style attack can trigger a...
nodejs: Slowloris HTTP Denial of Service
It was found that the Node.js HTTP server was vulnerable to a Slowloris-type attack. An attacker could make long-lived connections by sending bytes very slowly to the server, saturating its resources and possibly resulting in a denial of service...
SUSE SLES15 Security Update : nodejs8 (SUSE-SU-2019:0118-1)
This update for nodejs8 to version 8.15.0 fixes the following issues. Security issues fixed: CVE-2018-12121: Fixed a Denial of Service with large HTTP headers (bsc1117626); CVE-2018-12122: Fixed the 'Slowloris' HTTP Denial of Service (bsc1117627); CVE-2018-12116: Fixed HTTP request splitting bsc11176...
ALPINE-CVE-2018-12122
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly, keeping HTTP or HTTPS connections and associated resources alive for a long period of time...
UBUNTU-CVE-2018-12122
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly, keeping HTTP or HTTPS connections and associated resources alive for a long period of time...
Database of 1.4 Billion Records leaked from World’s Biggest Spam Networks
A database of 1.4 billion email addresses combined with real names, IP addresses, and often physical addresses has been exposed in what appears to be one of the largest data breaches of this year. What's worrisome? There are high chances that you, or at least someone you know, is affected by this latest...