PROTOCOL-OTHER -- Snort alerted on traffic known to exploit vulnerabilities in protocols that do not fit into one of the other protocol rule categories.
PROTOCOL-OTHER Websocket upgrade request without a client key detected
Node.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 does not ensure the availability of a parser for each HTTP socket, which allows remote attackers to cause a denial of service (uncaughtException and service outage) via a pipelined HTTP request. Impact: CVSS base score 7.5 CVSS impact score 3.6 CVSS exploitability score 3.9 confidentialityImpact NONE integrityImpact NONE availabilityImpact NONE Details: Ease of Attack:
No information provided
No public information
No known false positives
Talos research team. This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology. For more information see [nvd].
No rule groups
CVE-2015-8027 |
Loading description
|
©2024 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.
