Node.js HTTP Server Deny Service Vulnerability
Last Update Date:
22 Oct 2013 10:07
Release Date:
22 Oct 2013
3911
Views
RISK: High Risk
TYPE: Servers - Web Servers
A vulnerability was identified in Node.js. A remote user can cause denial of service conditions.
A remote user can send a large number of specially crafted pipelined requests to the target HTTP server component to cause excessive memory and CPU consumption on the target system.
Impact
- Denial of Service
System / Technologies affected
- prior to versions 0.8.26, 0.10.18
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- The vendor has issued a fix (0.8.26, 0.10.18).
http://blog.nodejs.org/2013/10/18/node-v0-10-21-stable/
Vulnerability Identifier
Source
Related Link
Share with