dcsimg

Node.js Team Release Disclosure Vulnerability Exploit Fix

By HTMLGoodies Staff

WEBINAR:
On-Demand

Application Security Testing: An Integral Part of DevOps


The latest stable release, version 0.6.17 of Node.js has closed the hole in the HTTP implementation that would allow an attacker to exploit a small but enticing security vulnerability thus allow the would be remote attacker to access private information hosted on that server. The exploit allows the hacker to append the content of the HTTP parser buffer and spoof a request heard, thus making it appears as though the request came from a user and forwarding the contents of that request to the hacker. Read the full details of the vulnerability here.



Make a Comment

Loading Comments...

  • Web Development Newsletter Signup

    Invalid email
    You have successfuly registered to our newsletter.

    By submitting your information, you agree that htmlgoodies.com may send you HTMLGOODIES offers via email, phone and text message, as well as email offers about other products and services that HTMLGOODIES believes may be of interest to you. HTMLGOODIES will process your information in accordance with the Quinstreet Privacy Policy.

  •  
  •  
  •  
Thanks for your registration, follow us on our social networks to keep up-to-date