mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-28 03:02:23 +02:00
0xMarcio
1.4 KiB
1.4 KiB
CVE-2019-9513
Description
Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU.
POC
Reference
- https://kb.cert.org/vuls/id/605641/
- https://kc.mcafee.com/corporate/index?page=content&id=SB10296
- https://usn.ubuntu.com/4099-1/
- https://www.oracle.com/security-alerts/cpujan2021.html
- https://www.oracle.com/security-alerts/cpuoct2020.html
Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ChiomaDibor/Vulnerability-Management-of-a-Web-Server-Using-Nessus-and-Patch-Management-with-Ansible
- https://github.com/Cybervixy/Vulnerability-Management
- https://github.com/Oju-kwu/Vulnerability-Management-Lab
- https://github.com/Teedico/Nessus_Vulnerability_Assessment
- https://github.com/flyniu666/ingress-nginx-0.21-1.19.5
- https://github.com/rmtec/modeswitcher
- https://github.com/vshaliii/DC-4-Vulnhub-Walkthrough