-
Do we add an advisory on this?
http://osvdb.org/show/osvdb/118954
https://github.com/rails/rails/pull/19055
https://github.com/rails/rails/issues/19050
-
From static scan: Potential Slowloris Attack because ReadHeaderTimeout is not configured in the http.Server. The server is started in edge-sync-service/core/base/http.go on line 24.
-
### Summary
- https://pkg.go.dev/net/http#ListenAndServe
- https://pkg.go.dev/net/http#ListenAndServeTLS
- https://pkg.go.dev/net/http#Serve
- https://pkg.go.dev/net/http#ServeTLS
These func…
-
A `Handler` has no way of changing the underlying connection Deadline, since it has no access to the `net.Conn` (except by maintaining a map from `RemoteAddr` to `net.Conn` via `Server.ConnState`, but…
-
I have identified a list of offensive tools on GitHub [here](https://github.com/mthcht/awesome-lists/tree/main/Github/Offensive-tools/urls); maybe this can be merged with your list:
https://github.com…
-
After upgrading to polkadot-v0.9.10 & polkadot-v0.9.11, we started to observe a `no peers` issue on some of our collators. While turning on `sync=trace`, I found the following logs:
![image](https://use…
-
C:\Users\ASUS\Downloads\slowloris-master>py slowloris.py HIDDEN IP -s 500
[02-09-2021 10:24:46] Attacking HIDDEN IP with 500 sockets.
[02-09-2021 10:24:46] Creating sockets...
[02-09-2021 10:24:50]…
-
## CVE-2021-29509 - High Severity Vulnerability
Vulnerable Library - puma-4.3.5.gem
Puma is a simple, fast, threaded, and highly concurrent HTTP 1.1 server for Ruby/Rack applications. Puma is intend…
-
## Description
HTTP timeouts are necessary to expire inactive connections and failing to do so might make the application vulnerable to attacks like slowloris which work by sending data very slowly, wh…
-
In a reverse proxy scenario I don't want Caddy to retry GET requests when an upstream has accepted the request from Caddy. As far as I understood this is doable in Caddy by setting the following confi…