4 matches found
GHSA-7CWJ-J333-X7F7 Uncontrolled Resource Consumption in Apache ZooKeeper
Two four letter word commands "wchp/wchc" are CPU intensive and could cause spike of CPU utilization on Apache ZooKeeper server if abused, which leads to the server unable to serve legitimate client requests. Apache ZooKeeper thru version 3.4.9 and 3.5.2 suffer from this issue, fixed in 3.4.10,...
zookeeper: Incorrect input validation with wchp/wchc four letter words
A denial of service vulnerability was discovered in ZooKeeper which allows an attacker to dramatically increase CPU utilization by abusing "wchp/wchc" commands, leading to the server being unable to serve legitimate requests...
zookeeper: Incorrect input validation with wchp/wchc four letter words
A denial of service vulnerability was discovered in ZooKeeper which allows an attacker to dramatically increase CPU utilization by abusing "wchp/wchc" commands, leading to the server being unable to serve legitimate requests...
Denial Of Service (DoS)
zookeeper is vulnerable to denial of service DoS attacks. The vulnerability is possible because it does not properly handle four letter zookeeper commands such as wchp /wchc/wchc . Therefore, when non-trusted clients get access to the client port i.e., if the zookeeper service is not protected...