Get the most out of your Centmin Mod LEMP stack
Become a Member

Security multiple Denial of Service (DoS) vulnerabilities were disclosed for a number of HTTP/2 server implem

Discussion in 'System Administration' started by rdan, Aug 14, 2019.

  1. rdan

    rdan Well-Known Member

    5,018
    1,221
    113
    May 25, 2014
    Ratings:
    +1,849
    Local Time:
    4:45 AM
    Mainline
    10.2
    Today, multiple Denial of Service (DoS) vulnerabilities were disclosed for a number of HTTP/2 server implementations. Cloudflare uses NGINX for HTTP/2. Customers using Cloudflare are already protected against these attacks.

    The individual vulnerabilities, originally discovered by Netflix and are included in this announcement are:


    https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md

    https://blog.cloudflare.com/on-the-recent-http-2-dos-attacks/
     
  2. rdan

    rdan Well-Known Member

    5,018
    1,221
    113
    May 25, 2014
    Ratings:
    +1,849
    Local Time:
    4:45 AM
    Mainline
    10.2
  3. eva2000

    eva2000 Administrator Staff Member

    45,991
    10,448
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,210
    Local Time:
    6:45 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
  4. eva2000

    eva2000 Administrator Staff Member

    45,991
    10,448
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,210
    Local Time:
    6:45 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x