CVE-2023-44487 – HTTP/2 Rapid Reset Attack Vulnerability
https://notcve.org/view.php?id=CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. El protocolo HTTP/2 permite una denegación de servicio (consumo de recursos del servidor) porque la cancelación de solicitudes puede restablecer muchas transmisiones rápidamente, como se explotó en la naturaleza entre agosto y octubre de 2023. A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. • https://github.com/imabee101/CVE-2023-44487 https://github.com/studiogangster/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/sigridou/CVE-2023-44487- https://github.com/ByteHackr/CVE-2023-44487 https://github.com/ReToCode/golang-CVE-2023-44487 http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www. • CWE-400: Uncontrolled Resource Consumption •
CVE-2018-10868
https://notcve.org/view.php?id=CVE-2018-10868
redhat-certification 7 does not properly restrict the number of recursive definitions of entities in XML documents, allowing an unauthenticated user to run a "Billion Laugh Attack" by replying to XMLRPC methods when getting the status of an host. redhat-certification 7 no restringe adecuadamente el número de definiciones recursivas de entidades en documentos XML, lo que permite a un usuario no autentificado ejecutar un "Billion Laugh Attack" respondiendo a métodos XMLRPC al obtener el estado de un host • https://access.redhat.com/security/cve/CVE-2018-10868 https://bugzilla.redhat.com/show_bug.cgi?id=1593776 • CWE-400: Uncontrolled Resource Consumption CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •
CVE-2018-10867
https://notcve.org/view.php?id=CVE-2018-10867
Files are accessible without restrictions from the /update/results page of redhat-certification 7 package, allowing an attacker to remove any file accessible by the apached user. Los archivos son accesibles sin restricciones desde la página /update/results del paquete redhat-certification 7, lo que permite a un atacante eliminar cualquier archivo accesible por el usuario apached • https://access.redhat.com/security/cve/CVE-2018-10867 https://bugzilla.redhat.com/show_bug.cgi?id=1593764 • CWE-552: Files or Directories Accessible to External Parties •
CVE-2018-10866
https://notcve.org/view.php?id=CVE-2018-10866
It was discovered that the /configuration view of redhat-certification 7 does not perform an authorization check and it allows an unauthenticated user to remove a "system" file, that is an xml file with host related information, not belonging to him. Se ha descubierto que la vista /configuration de redhat-certification 7 no realiza una comprobación de autorización y permite a un usuario no autentificado eliminar un archivo "system", es decir, un archivo xml con información relacionada con el host, que no le pertenece • https://access.redhat.com/security/cve/CVE-2018-10866 https://bugzilla.redhat.com/show_bug.cgi?id=1593632 • CWE-862: Missing Authorization •
CVE-2018-10865
https://notcve.org/view.php?id=CVE-2018-10865
It was discovered that the /configuration view of redhat-certification 7 does not perform an authorization check and it allows an unauthenticated user to call a "restart" RPC method on any host accessible by the system, even if not belonging to him. Se ha descubierto que la vista /configuration de redhat-certification 7 no realiza una comprobación de autorización y permite a un usuario no autentificado llamar a un método RPC "restart" en cualquier host accesible por el sistema, aunque no le pertenezca • https://access.redhat.com/security/cve/CVE-2018-10865 https://bugzilla.redhat.com/show_bug.cgi?id=1593631 • CWE-862: Missing Authorization •