9 matches found
Node.js HTTP Pipelining Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Node.js HTTP Pipelining Denial of Service', 'Description' = %q This module exploits a Denial of Service DoS condition in the HTTP parser of Node....
CVE-2013-4450
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/http/nodejspipelining.rb 2025-02-06 03:13:41+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:09:19+00:00| seen|...
openSUSE Security Update : nodejs (openSUSE-SU-2013:1863-1)
This update fixes the following security issue with nodejs : - fix CVE-2013-4450: nodejs: HTTP Pipelining DoS bnc846808 CVE-2013-4450-v0.10.x.patch: contains the fix %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
Fedora Update for libuv FEDORA-2013-19491
Check for the Version of libuv OpenVAS Vulnerability Test Fedora Update for libuv FEDORA-2013-19491 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
Fedora Update for nodejs FEDORA-2013-19491
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for libuv FEDORA-2013-19497
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Node.js HTTP Pipelining Denial of Service
This module exploits a Denial of Service DoS condition in the HTTP parser of Node.js versions released before 0.10.21 and 0.8.26. The attack sends many pipelined HTTP requests on a single connection, which causes unbounded memory allocation when the client does not read the responses. This module...
DoS Vulnerability (fixed in Node v0.8.26 and v0.10.21)
DoS Vulnerability fixed in Node v0.8.26 and v0.10.21 Node.js is vulnerable to a denial of service attack when a client sends many pipelined HTTP requests on a single connection, and the client does not read the responses from the connection. We recommend that anyone using Node.js v0.8 or v0.10 to...
CVE-2013-4450
CVE-2013-4450 affects Node.js HTTP server in 0.10.x before 0.10.21 and 0.8.x before 0.8.26. The vulnerability allows a remote attacker to cause a denial of service by sending a large number of pipelined HTTP requests without reading responses, leading to memory and CPU consumption and possible ex...