topic CVE-2019-9511 Multiple HTTP/2 implementations are vulnerable to a variety of denial-of-service (DoS) in Advanced Threat Prevention Discussions https://live.paloaltonetworks.com/t5/advanced-threat-prevention/cve-2019-9511-multiple-http-2-implementations-are-vulnerable-to/m-p/282779#M627 <DIV class="lia-message-subject lia-component-message-view-widget-subject"><SPAN style="font-family: inherit;">Hi,</SPAN></DIV> <DIV id="bodyDisplay" class="lia-message-body lia-component-message-view-widget-body lia-component-body-signature-highlight-escalation lia-component-message-view-widget-body-signature-highlight-escalation"> <DIV class="lia-message-body-content"> <P>Just wondering on expected release for signature for this Vulnerability?</P> <P>&nbsp;</P> <P><SPAN>CVE-2019-9511 till CVE-2019-9518 capable of DoS attack.&nbsp;Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.</SPAN></P> <P>&nbsp;</P> <P><SPAN>Refer-</SPAN><BR /><A href="https://www.kb.cert.org/vuls/id/605641/" target="_blank" rel="noopener">https://www.kb.cert.org/vuls/id/605641/</A><BR /><A href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511" target="_blank" rel="noopener">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511</A></P> <P>&nbsp;</P> <P>Thanks and regards</P> <P>Apoorva</P> </DIV> </DIV> Wed, 14 Aug 2019 18:48:12 GMT akamat 2019-08-14T18:48:12Z CVE-2019-9511 Multiple HTTP/2 implementations are vulnerable to a variety of denial-of-service (DoS) https://live.paloaltonetworks.com/t5/advanced-threat-prevention/cve-2019-9511-multiple-http-2-implementations-are-vulnerable-to/m-p/282779#M627 <DIV class="lia-message-subject lia-component-message-view-widget-subject"><SPAN style="font-family: inherit;">Hi,</SPAN></DIV> <DIV id="bodyDisplay" class="lia-message-body lia-component-message-view-widget-body lia-component-body-signature-highlight-escalation lia-component-message-view-widget-body-signature-highlight-escalation"> <DIV class="lia-message-body-content"> <P>Just wondering on expected release for signature for this Vulnerability?</P> <P>&nbsp;</P> <P><SPAN>CVE-2019-9511 till CVE-2019-9518 capable of DoS attack.&nbsp;Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.</SPAN></P> <P>&nbsp;</P> <P><SPAN>Refer-</SPAN><BR /><A href="https://www.kb.cert.org/vuls/id/605641/" target="_blank" rel="noopener">https://www.kb.cert.org/vuls/id/605641/</A><BR /><A href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511" target="_blank" rel="noopener">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511</A></P> <P>&nbsp;</P> <P>Thanks and regards</P> <P>Apoorva</P> </DIV> </DIV> Wed, 14 Aug 2019 18:48:12 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/cve-2019-9511-multiple-http-2-implementations-are-vulnerable-to/m-p/282779#M627 akamat 2019-08-14T18:48:12Z