Found 4 bookmarks
Custom sorting
HTTP/2 CONTINUATION Flood: Technical Details
HTTP/2 CONTINUATION Flood: Technical Details
Deep technical analysis of the CONTINUATION Flood: a class of vulnerabilities within numerous HTTP/2 protocol implementations. In many cases, it poses a more severe threat compared to the Rapid Reset: a single machine (and in certain instances, a mere single TCP connection or a handful of frames) has the potential to disrupt server availability, with consequences ranging from server crashes to substantial performance degradation. Remarkably, requests that constitute an attack are not visible in HTTP access logs. **A simplified security advisory and the list of affected projects can be found in: http2-continuation-flood
#nowotarski#EN#2024#CONTINUATION-flood#HTTP/2#DoS#technical-details
·nowotarski.info·
HTTP/2 CONTINUATION Flood: Technical Details
Loop DoS: New Denial-of-Service attack targets application-layer protocols
Loop DoS: New Denial-of-Service attack targets application-layer protocols
A new Denial-of-Service (DoS) attack targets application-layer protocols that draw on the User Datagram Protocol (UDP) for end-to-end communication. The vulnerability affects both legacy and contemporary protocols. Discovered by Christian Rossow and Yepeng Pan, the attack puts an estimated 300,000 Internet hosts and their networks at risk.
#cispa.de#EN#2024#DoS#Denial-of-Service#UDP#vulnerability#Application-Layer
·cispa.de·
Loop DoS: New Denial-of-Service attack targets application-layer protocols