Date: Sat, 19 Oct 2013 11:43:51 -0400 From: Jonathan Rudenberg <jonathan@...anous.com> To: oss-security@...ts.openwall.com Subject: CVE Request: Node.js HTTP Pipelining DoS Node.js is vulnerable to DoS when a client sends too many pipelined HTTP requests. Links: https://groups.google.com/forum/#!topic/nodejs/NEbweYB0ei0 http://blog.nodejs.org/2013/10/18/node-v0-10-21-stable/ http://blog.nodejs.org/2013/10/18/node-v0-8-26-maintenance/ https://github.com/joyent/node/issues/6214 https://github.com/joyent/node/commit/085dd30e93da67362f044ad1b3b6b2d997064692 This issue affects all versions of Node released before 0.10.21 and 0.8.26.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ