all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Debian Security Advisory 5540-1

Add to bookmarks
Oct. 31, 2023, 1:13 p.m. |

Packet Storm packetstormsecurity.com

Debian Linux Security Advisory 5540-1 - Two remotely exploitable security vulnerabilities were discovered in Jetty 9, a Java based web server and servlet engine. The HTTP/2 protocol implementation did not sufficiently verify if HPACK header values exceed their size limit. Furthermore the HTTP/2 protocol allowed a denial of service (server resource consumption) because request cancellation can reset many streams quickly. This problem is also known as Rapid Reset Attack.

advisory debian denial of service engine header http implementation java limit linux linux security protocol request resource security security advisory server service size verify vulnerabilities web web server

Visit resource

More from packetstormsecurity.com / Packet Storm

Debian Security Advisory 5676-1 an hour ago | packetstormsecurity.com
advisory arbitrary code chromium code +13
Ubuntu Security Notice USN-6747-2 an hour ago | packetstormsecurity.com
attacker denial of service domains exploit +16
htmlLawed 1.2.5 Remote Command Execution an hour ago | packetstormsecurity.com
command concept exploit proof +1
Red Hat Security Advisory 2024-2651-03 an hour ago | packetstormsecurity.com
advisory denial of service enterprise linux +7
Red Hat Security Advisory 2024-2645-03 an hour ago | packetstormsecurity.com
advisory enterprise linux red hat +5
1,400 GitLab Servers Impacted By Exploited Vulnerability an hour ago | packetstormsecurity.com
data loss exploited flaw gitlab +3
Hackers Compromised Dropbox eSignature Service an hour ago | packetstormsecurity.com
compromised dropbox flaw hacker +2
Hacker Free-For-All Fights For Control Of Home And Office Routers Everywhere an hour ago | packetstormsecurity.com
botnet control email free +6
REvil Ransomware Scum Gets 14 Years, $16 Million Fine an hour ago | packetstormsecurity.com
cryptography cybercrime fraud hacker +5

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Associate Manager, BPT Infrastructure & Ops (Security Engineer)

@ SC Johnson | PHL - Makati
View on infosec-jobs.com

Cybersecurity Analyst - Project Bound

@ NextEra Energy | Jupiter, FL, US, 33478
View on infosec-jobs.com

Lead Cyber Security Operations Center (SOC) Analyst

@ State Street | Quincy, Massachusetts
View on infosec-jobs.com

Junior Information Security Coordinator (Internship)

@ Garrison Technology | London, Waterloo, England, United Kingdom
View on infosec-jobs.com

Sr. Security Engineer

@ ScienceLogic | Reston, VA
View on infosec-jobs.com
View more jobs