Wednesday, September 16, 2015

Directory traversal vulnerability found in H2O

A directory traversal vulnerability has been found in H2O. Users are advised to update immediately.

https://h2o.examp1e.net/vulnerabilities.html#CVE-2015-5638



EDIT. I am sorry to have included an information leakage vulnerability in my software. Information leakage vulnerability consists of two categories: file leakage and memory leakage. Today we have fixed the former; there are no known vulnerabilities that need to be fixed.

However, considering the fact that it is hard to prove that there is no memory leakage vulnerability, we are going to implement privilege separation for handling TLS private keys in the upcoming 1.5 release just in case so that the private keys would not get exposed even if such vulnerability exist.
投稿者 時刻:
ラベル: ,
はてなブックマーク - Directory traversal vulnerability found in H2O

6 comments:

  1. UnknownMarch 9, 2016 at 12:34 PM

    icc t20 world cup
    icc t20 world cup 2016
    icc t20 world cup 2016 live
    icc t20 world cup 2016 live streaming
    icc t20 world cup live
    t20 world 2016
    t20 world cup
    t20 world cup 2016 live
    t20 world cup 2016 live streaming
    t20 world cup live

    icc t20 world cup
    icc t20 world cup 2016
    icc t20 world cup 2016 live
    icc t20 world cup 2016 live streaming
    icc t20 world cup live
    t20 world 2016
    t20 world cup
    t20 world cup 2016 live
    t20 world cup 2016 live streaming
    t20 world cup live


    IPL t20
    IPL t20 2016
    IPL t20 2016 live
    IPL t20 2016 Streaming
    IPL t20 2016 live Streaming
    IPL t20 2016 Streaming
    IPL t20 live Streaming
    IPL live Streaming
    IPL live
    IPL t20 live
    mobiles phone
    hindilyrics
    PnrStatus

    ReplyDelete
  2. MatiasDecember 21, 2016 at 3:50 AM

    This lets clients narrow down their searches and allows your company to have more prominent online rankings. Goodprdirectory.com

    ReplyDelete
  3. UnknownJuly 11, 2017 at 6:15 PM

    dengan carbon steel. Sedangkan harga dari HSS besarnya dua sampai empat kali daripada carbon steel.www.pusatbesibaja.com
    Supplier besi wf
    Supplier besi wf

    ReplyDelete
  4. AndroidSDKJune 13, 2018 at 4:49 PM

    Download Stock ROM Firmware for Coolpad Catalyst 3622A view website
    Update firmware for router view website
    How to update firmware for Digital photo Cameras? site

    ReplyDelete
  5. zozaianOctober 26, 2018 at 4:39 AM

    This comment has been removed by the author.

    ReplyDelete
  6. Sania KumariDecember 20, 2018 at 6:19 PM

    Mumbai escorts
    Mumbai escorts
    Mumbai escorts
    Mumbai escorts

    Mumbai escorts
    Mumbai escorts
    Mumbai escorts

    ReplyDelete

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)