14 matches found
EUVD-2019-3596
Malware in sbrugna...
CVE-2019-11940
In the course of decompressing HPACK inside the HTTP2 protocol, an unexpected sequence of header table resize operations can place the header table into a corrupted state, leading to a use-after-free condition and undefined behavior. This issue affects Proxygen from v0.29.0 until v2017.04.03.00...
GHSA-CFGP-2977-2FMM Connection confusion in gRPC
When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of HPACK tables between sender and receiver. If leveraged, say, between a proxy and a backend, this...
gRPC 安全漏洞
gRPC is a modern, open source, high-performance Remote Procedure Call RPC framework from gRPC Open Source. A security vulnerability exists in gRPC that stems from the fact that when the gRPC HTTP2 stack throws a header size exceeded error, it skips parsing the rest of the HPACK frame. This causes...
SUSE CVE-2016-6581
A HTTP/2 implementation built using any version of the Python HPACK library between v1.0.0 and v2.2.0 could be targeted for a denial of service attack, specifically a so-called "HPACK Bomb" attack. This attack occurs when an attacker inserts a header field that is exactly the size of the HPACK...
CVE-2019-11940
In the course of decompressing HPACK inside the HTTP2 protocol, an unexpected sequence of header table resize operations can place the header table into a corrupted state, leading to a use-after-free condition and undefined behavior. This issue affects Proxygen from v0.29.0 until v2017.04.03.00...
Design/Logic Flaw
In the course of decompressing HPACK inside the HTTP2 protocol, an unexpected sequence of header table resize operations can place the header table into a corrupted state, leading to a use-after-free condition and undefined behavior. This issue affects Proxygen from v0.29.0 until v2017.04.03.00...
CVE-2019-11940
In the course of decompressing HPACK inside the HTTP2 protocol, an unexpected sequence of header table resize operations can place the header table into a corrupted state, leading to a use-after-free condition and undefined behavior. This issue affects Proxygen from v0.29.0 until v2017.04.03.00...
CVE-2019-11940
CVE-2019-11940 affects Facebook Proxygen (HTTP/2 HPACK decompression). An unexpected sequence of header-table resize operations can drive the HPACK header table into a corrupted state, causing a use-after-free and undefined behavior. Affected versions: Proxygen from v0.29.0 up to v2017.04.03.00. ...
PYSEC-2017-87
A HTTP/2 implementation built using any version of the Python HPACK library between v1.0.0 and v2.2.0 could be targeted for a denial of service attack, specifically a so-called "HPACK Bomb" attack. This attack occurs when an attacker inserts a header field that is exactly the size of the HPACK...
UBUNTU-CVE-2016-6581
A HTTP/2 implementation built using any version of the Python HPACK library between v1.0.0 and v2.2.0 could be targeted for a denial of service attack, specifically a so-called "HPACK Bomb" attack. This attack occurs when an attacker inserts a header field that is exactly the size of the HPACK...
MINIX 3.3.0 Local Denial of Service PoC
No description provided by source. Exploit Title: MINIX 3.3.0 Local Denial of Service Exploit Author: nitr0us Vendor Homepage: www.minix3.org Software Link: http://www.minix3.org/download/index.html Version: 3.3.0 Tested on: MINIX 3.3.0 x86 Attached three PoCs malformed ELFs and a screenshot of t...
OpenBSD 5.5 - Local Kernel Panic (Denial of Service)
/ tenochtitlan.c OpenBSD include include include include include include include include ifndef OpenBSD error "Not an OpenBSD system !!!1111"; else include endif ifndef i386 error "Not an i386 system !!!1111"; endif // In Aztec mythology, Huitzilopochtli, was a god of war, a sun god, // the patro...
Трояним эльфов
Трояним эльфов Задача: Вставить в elf-файл возможность, при указании пароля, запуска произвольных команд. Размер и функционал исходного elf-файла остаются неизменными. Часть 1. Трояним /bin/su из BackTrack 5 R1 x86 образ VMWare BT5R1-GNOME-VM-32.7z 1. ELF и его анатомия в контексте используемой...