Node.js CVE-2013-4450 Denial of Service Vulnerability

Node.js is prone to a denial-of-service vulnerability.

Remote attackers can exploit this issue to cause denial-of-service conditions.

Information

Bugtraq ID: 63229
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2013-4450

Remote: Yes
Local: No
Published: Oct 18 2013 12:00AM
Updated: Apr 13 2017 02:05PM
Credit: isaacs
Vulnerable: S.u.S.E. openSUSE 12.3
S.u.S.E. openSUSE 12.2
Juniper NorthStar Controller Application 2.1.0
Joyent Node.js 0.10.20
Joyent Node.js 0.8.25
Joyent Node.js 0.7.8
Joyent Node.js 0.7.7
Joyent Node.js 0.6.16
Joyent Node.js 0.6.15

Not Vulnerable: Juniper NorthStar Controller Application 2.1.0 Service Pack 1
Joyent Node.js 0.10.21
Joyent Node.js 0.8.26

References:

http: provide backpressure for pipeline flood (isaacs )
Node v0.10.21 (Stable) (Joyent)
Node v0.8.26 (Maintenance) (Joyent)
Node.js Homepage (Joyent)
Re: CVE Request: Node.js HTTP Pipelining DoS (oss-sec)
2107-04 Security Bulletin: Multiple Vulnerabilities in NorthStar Controller Appl (juniper)
nodejs010-nodejs security update (Red Hat)
openSUSE-SU-2013:1863-1: moderate: update for nodejs (SUSE)

Source: www.securityfocus.com

Exploit Collector

Search Exploit

Node.js CVE-2013-4450 Denial of Service Vulnerability

Information