{"vulnerability": "CVE-2023-4448", "sightings": [{"uuid": "b9b6932b-2f00-46de-b133-d4860280c0c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-10-10T21:10:02.000000Z"}, {"uuid": "ad2b8513-7e71-4783-ae24-bd3228bec1a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-08", "content": "", "creation_timestamp": "2024-11-14T12:00:00.000000Z"}, {"uuid": "cb3be289-1bd0-4733-b7e5-4b935a0610d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/", "content": "", "creation_timestamp": "2023-10-10T05:00:00.000000Z"}, {"uuid": "801cec75-acb9-4dde-bf80-c09a38e8c9ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113672096276468558", "content": "", "creation_timestamp": "2024-12-18T05:09:00.171743Z"}, {"uuid": "30b50f45-607c-4136-b45b-2a55460ecaa3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971900", "content": "", "creation_timestamp": "2024-12-24T20:35:25.203047Z"}, {"uuid": "cfe7df69-537e-4618-ac5c-4f0d97939145", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:48.000000Z"}, {"uuid": "9a49533e-6dac-41a9-84d5-4692d090d02e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-05", "content": "", "creation_timestamp": "2025-06-12T10:00:00.000000Z"}, {"uuid": "0bccf176-3c58-4d68-b927-0a057ec21161", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-203-04", "content": "", "creation_timestamp": "2025-07-22T10:00:00.000000Z"}, {"uuid": "89503514-8464-449e-994d-1e318fc16895", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http-2/", "content": "", "creation_timestamp": "2023-10-10T05:00:00.000000Z"}, {"uuid": "fa2871fc-f7e0-47ce-b832-4f1691497bda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lz2qazdnvf2w", "content": "", "creation_timestamp": "2025-09-17T21:02:40.844253Z"}, {"uuid": "fa59a080-421b-4b4f-9511-dcdda6a1583c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3m6kcqrgukf2g", "content": "", "creation_timestamp": "2025-11-26T16:49:20.351181Z"}, {"uuid": "cb598b10-128e-4c5b-838d-660e26d57e62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://bsky.app/profile/Ubuntu.activitypub.awakari.com.ap.brid.gy/post/3m6kcqvykujh2", "content": "", "creation_timestamp": "2025-11-26T16:49:32.871533Z"}, {"uuid": "46dc7ec6-d481-49c1-97c7-2ca75fdcee77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://gist.github.com/lmolkova/34dc5c0b0f583ca80681af3c9334238d", "content": "", "creation_timestamp": "2025-11-03T23:34:52.000000Z"}, {"uuid": "1627e2ff-06a1-41b3-a2a6-182caced2241", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://gist.github.com/vietj/6cb0297e7881e7ddfbf29a64848fb7c7", "content": "", "creation_timestamp": "2026-03-03T09:26:42.000000Z"}, {"uuid": "2d164614-88b7-48f8-8384-3a376a7f37ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0287/", "content": "", "creation_timestamp": "2026-03-13T00:00:00.000000Z"}, {"uuid": "5deb8747-68b6-4ef6-92d5-fcefa42cff57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://gist.github.com/lmolkova/a8deca8726d3e185e2644f43182b54be", "content": "", "creation_timestamp": "2026-01-01T20:10:51.000000Z"}, {"uuid": "0b71ad3d-4625-4ea5-875c-8bbba9db852e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1130", "content": "", "creation_timestamp": "2023-10-11T04:00:00.000000Z"}, {"uuid": "14bb6d0c-765e-4759-ba77-3f46dd5e43ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1138", "content": "", "creation_timestamp": "2023-10-16T04:00:00.000000Z"}, {"uuid": "6cbc5d06-ab29-4cc9-8973-b0d5bfc1bf7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "bdf4cdca-8368-4c7b-9fac-93aff5986921", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_8/2024", "content": "", "creation_timestamp": "2024-02-09T10:14:28.000000Z"}, {"uuid": "4df9b727-3fe8-493d-83b2-821f07133b41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44482", "type": "seen", "source": "https://gist.github.com/alon710/fd16799ed4000acf29f2381f06df6070", "content": "", "creation_timestamp": "2026-01-24T21:32:22.000000Z"}, {"uuid": "d705edc8-400f-411b-8191-b91cbf17b162", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/4441842a-dcf2-4b86-a575-007bad2b482a", "content": "", "creation_timestamp": "2026-02-02T12:26:48.814572Z"}, {"uuid": "e338b053-3127-46c8-97ab-5f86d43f1c3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2023-44487", "type": "seen", "source": "https://gist.github.com/alon710/fd16799ed4000acf29f2381f06df6070", "content": "", "creation_timestamp": "2026-01-24T21:32:22.000000Z"}, {"uuid": "590a3ca9-726e-47e0-978f-ca645677e619", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://gist.github.com/alon710/090ce152a99e7d6c37ffe600ece932cd", "content": "", "creation_timestamp": "2026-01-24T21:32:26.000000Z"}, {"uuid": "a3b25cc1-7a01-4e3a-8b7b-b7cb93b6eb3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/I-KMl-VM-m1GjAHEWWQ8aP3mX4MIDs3Gzao9kI6rvEgKQrI", "content": "", "creation_timestamp": "2025-12-14T21:00:05.000000Z"}, {"uuid": "9eb0f99f-33e0-4403-ae88-262b46bfad32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/cKure/11834", "content": "\u25a0\u25a0\u25a1\u25a1\u25a1 HTTP/2 Rapid Reset (CVE-2023-44487)\n\nhttps://thehackernews.com/2023/10/record-breaking-100-million-rps-ddos.html", "creation_timestamp": "2023-10-27T06:18:29.000000Z"}, {"uuid": "82a9b91c-bff6-4d6f-9f04-5f8387090e2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5439", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aQuick exploit to test out rapid reset attack (CVE-2023-44487). Note: For education purpose only\nURL\uff1ahttps://github.com/studiogangster/CVE-2023-44487\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-16T11:18:09.000000Z"}, {"uuid": "5bcd8514-9b0a-4688-9beb-de60730d398c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5374", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aTest Script for CVE-2023-44487\nURL\uff1ahttps://github.com/ByteHackr/CVE-2023-44487\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-12T03:17:19.000000Z"}, {"uuid": "a12649a0-c572-4a91-9dae-339dfb0c57ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5351", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aBasic vulnerability scanning to see if web servers may be vulnerable to CVE-2023-44487\nURL\uff1ahttps://github.com/bcdannyboy/CVE-2023-44487\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-10T14:26:33.000000Z"}, {"uuid": "6e6989e6-c87c-440c-86cd-5b87e063b8ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5379", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-44487\nURL\uff1ahttps://github.com/pabloec20/rapidreset\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-12T07:15:13.000000Z"}, {"uuid": "48cfd0a7-60f5-40e4-8d4a-7214b96b7d11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2380", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12698\n\ud83d\udd39 Description: An incomplete fix for ose-olm-catalogd-container was issued for the Rapid Reset Vulnerability (CVE-2023-39325/CVE-2023-44487) where only unauthenticated streams were protected, not streams created by authenticated sources.\n\ud83d\udccf Published: 2024-12-18T05:07:21.026Z\n\ud83d\udccf Modified: 2025-01-21T09:28:08.318Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/security/cve/CVE-2024-12698\n2. https://bugzilla.redhat.com/show_bug.cgi?id=2332674", "creation_timestamp": "2025-01-21T10:01:16.000000Z"}, {"uuid": "63651c19-8927-4cec-a594-986a8cff85bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5835", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aHighly configurable tool to check a server's vulnerability against CVE-2023-44487 by rapidly sending HEADERS and RST_STREAM frames and documenting the server's responses.\nURL\uff1ahttps://github.com/ndrscodes/http2-rst-stream-attacker\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-11-16T17:17:59.000000Z"}, {"uuid": "25ce5472-20a4-4afc-94a0-a85151938d78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5944", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aA tool to check how well a system can handle Rapid Reset DDoS attacks (CVE-2023-44487).\nURL\uff1ahttps://github.com/terrorist/CVE-2023-44487\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-11-24T18:29:20.000000Z"}, {"uuid": "139c593b-1919-4e9c-99a3-af85617dac78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5945", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aA tool to check how well a system can handle Rapid Reset DDoS attacks (CVE-2023-44487).\nURL\uff1ahttps://github.com/terrorist/HTTP-2-Rapid-Reset-Client\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-11-24T19:58:11.000000Z"}, {"uuid": "b3dafe93-d806-4e46-956e-76446b06f2e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/itsec_news/3435", "content": "\u200b\u26a1\ufe0f\u041d\u043e\u0432\u044b\u0439 \u043c\u0435\u0442\u043e\u0434 DDoS-\u0430\u0442\u0430\u043a\u0438 \u00abHTTP/2 Rapid Reset\u00bb \u0431\u044c\u0451\u0442 \u0440\u0435\u043a\u043e\u0440\u0434\u044b \u0438\u043d\u0442\u0435\u043d\u0441\u0438\u0432\u043d\u043e\u0441\u0442\u0438.\n\n\ud83d\udcac \u041d\u043e\u0432\u0430\u044f \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u044f DDoS-\u0430\u0442\u0430\u043a \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c \u00abHTTP/2 Rapid Reset\u00bb \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 zero-day \u0430\u0442\u0430\u043a\u0438 \u0441 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430, \u043f\u043e\u0431\u0438\u0432 \u0432\u0441\u0435 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0440\u0435\u043a\u043e\u0440\u0434\u044b \u043f\u043e \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u0430\u043c.\n\n\u041d\u043e\u0432\u043e\u0441\u0442\u0438 \u043e Rapid Reset \u043f\u043e\u044f\u0432\u0438\u043b\u0438\u0441\u044c \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0432\u044b\u0445\u043e\u0434\u0430 \u0441\u043a\u043e\u043e\u0440\u0434\u0438\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043e\u0442\u0447\u0451\u0442\u043e\u0432 \u0443 AWS , Cloudflare \u0438 Google , \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442 \u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u0438 \u0430\u0442\u0430\u043a, \u0434\u043e\u0441\u0442\u0438\u0433\u0430\u044e\u0449\u0438\u0445 155 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0432 \u0441\u0435\u043a\u0443\u043d\u0434\u0443 \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Amazon, 201 \u043c\u0438\u043b\u043b\u0438\u043e\u043d \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Cloudflare \u0438 398 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0432 \u0441\u0435\u043a\u0443\u043d\u0434\u0443 \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Google.\n\n\u041f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u043e, \u0447\u0442\u043e \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0438\u0436\u0435\u043d\u0438\u044f \u0442\u0430\u043a\u043e\u0439 \u043c\u043e\u0449\u043d\u043e\u0441\u0442\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0441\u0440\u0430\u0432\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u0430\u044f \u0431\u043e\u0442\u043d\u0435\u0442-\u0441\u0435\u0442\u044c \u0438\u0437 20 \u0442\u044b\u0441\u044f\u0447 \u043c\u0430\u0448\u0438\u043d. \u0410 \u0432\u0435\u0434\u044c \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0442 \u0431\u043e\u0442\u043d\u0435\u0442\u044b \u0438\u0437 \u0441\u043e\u0442\u0435\u043d \u0442\u044b\u0441\u044f\u0447 \u0438 \u0434\u0430\u0436\u0435 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432. \u0427\u0442\u043e \u0431\u0443\u0434\u0435\u0442, \u0435\u0441\u043b\u0438 \u043e\u043d\u0438 \u043d\u0430\u0447\u043d\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c Rapid Reset \u0432 \u0441\u0432\u043e\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445?\n\n\u041a\u0430\u043a \u0431\u044b \u0442\u043e \u043d\u0438 \u0431\u044b\u043b\u043e, \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b Cloudflare \u0440\u0430\u043f\u043e\u0440\u0442\u0443\u044e\u0442, \u0447\u0442\u043e \u0441 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0443\u0436\u0435 \u0431\u043e\u043b\u0435\u0435 \u0442\u044b\u0441\u044f\u0447\u0438 \u0440\u0430\u0437\u043d\u044b\u0445 DDoS-\u0430\u0442\u0430\u043a \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043c\u0435\u0442\u043e\u0434\u0430 \u00abHTTP/2 Rapid Reset\u00bb.\n\n\u042d\u0442\u043e\u0442 \u043d\u043e\u0432\u044b\u0439 \u043c\u0435\u0442\u043e\u0434 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442 zero-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0443\u044e \u043a\u0430\u043a CVE-2023-44487 . \u041e\u043d \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u0435\u0442 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u043c \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 HTTP/2, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u044e \u043e\u0442\u043c\u0435\u043d\u044b \u043f\u043e\u0442\u043e\u043a\u0430 \u0434\u043b\u044f \u0431\u0435\u0441\u043f\u0440\u0435\u0440\u044b\u0432\u043d\u043e\u0439 \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0438 \u043e\u0442\u043c\u0435\u043d\u044b \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432, \u0447\u0442\u043e \u043c\u043e\u043c\u0435\u043d\u0442\u0430\u043b\u044c\u043d\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043f\u0435\u0440\u0435\u0433\u0440\u0443\u0437\u043a\u0435 \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430.\n\n\u0412 HTTP/2 \u043f\u0440\u0435\u0434\u0443\u0441\u043c\u043e\u0442\u0440\u0435\u043d\u0430 \u0437\u0430\u0449\u0438\u0442\u0430 \u0432 \u0432\u0438\u0434\u0435 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0432\u0430\u0435\u0442 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u043e\u0434\u043d\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0445 \u043f\u043e\u0442\u043e\u043a\u043e\u0432 \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f DoS-\u0430\u0442\u0430\u043a, \u043e\u0434\u043d\u0430\u043a\u043e \u044d\u0442\u043e \u043d\u0435 \u0432\u0441\u0435\u0433\u0434\u0430 \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u043e.\n\nGoogle \u043f\u043e\u044f\u0441\u043d\u0438\u043b: \u00ab\u041f\u0440\u043e\u0442\u043e\u043a\u043e\u043b \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043e\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u0430 \u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u043a\u043e\u043e\u0440\u0434\u0438\u043d\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043e\u0442\u043c\u0435\u043d\u0443, \u043a\u043b\u0438\u0435\u043d\u0442 \u043c\u043e\u0436\u0435\u0442 \u0441\u0434\u0435\u043b\u0430\u0442\u044c \u044d\u0442\u043e \u0441\u0430\u043c\u043e\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u00bb. \u041e\u0442\u0441\u044e\u0434\u0430 \u0438 \u0442\u0430\u043a\u043e\u0439 \u043c\u0430\u0441\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043f\u043e\u0442\u043e\u043a \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u2014 \u0437\u0430\u0434\u0435\u0440\u0436\u0435\u043a \u0434\u043b\u044f \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u043f\u043e\u0447\u0442\u0438 \u043d\u0435\u0442.\n\nCloudflare \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e HTTP/2 \u043f\u0440\u043e\u043a\u0441\u0438 \u0438 \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0449\u0438\u043a\u0438 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0434\u043b\u044f \u0442\u0430\u043a\u0438\u0445 \u0430\u0442\u0430\u043a. \u041f\u043e \u043d\u0430\u0431\u043b\u044e\u0434\u0435\u043d\u0438\u044f\u043c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u044d\u0442\u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0449\u0438\u0435\u0441\u044f \u0430\u0442\u0430\u043a\u0438 \u043f\u0440\u0438\u0432\u0435\u043b\u0438 \u043a \u0443\u0432\u0435\u043b\u0438\u0447\u0435\u043d\u0438\u044e \u043e\u0448\u0438\u0431\u043e\u043a 502 (Bad Gateway) \u0441\u0440\u0435\u0434\u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 Cloudflare.\n\n\u0414\u043b\u044f \u043e\u0442\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a Cloudflare \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u00abIP Jail\u00bb, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 IP-\u0430\u0434\u0440\u0435\u0441\u0430, \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0432\u0430\u044f \u0438\u0445 \u0434\u043e\u0441\u0442\u0443\u043f \u043a HTTP/2 \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u0434\u043e\u043c\u0435\u043d\u043e\u0432 Cloudflare \u043d\u0430 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0451\u043d\u043d\u043e\u0435 \u0432\u0440\u0435\u043c\u044f. Amazon \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u043f\u0440\u043e\u0442\u0438\u0432\u043e\u0441\u0442\u043e\u044f\u043b\u0430 \u0434\u0435\u0441\u044f\u0442\u043a\u0430\u043c \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 \u0446\u0438\u0444\u0440\u043e\u0432\u044b\u0445 \u043d\u0430\u043f\u0430\u0434\u0435\u043d\u0438\u0439, \u043f\u043e\u0434\u0447\u0451\u0440\u043a\u0438\u0432\u0430\u044f, \u0447\u0442\u043e \u0441\u0435\u0440\u0432\u0438\u0441\u044b \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0438\u0441\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c\u0438 \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0430\u0442\u0430\u043a.\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0442\u0438\u0432\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0430\u0442\u0430\u043a\u0430\u043c HTTP/2 Rapid Reset \u0432\u0441\u0435 \u0442\u0440\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u0441\u0432\u043e\u0438\u043c \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0432\u0441\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 HTTP-\u0430\u0442\u0430\u043a \u0438 \u0443\u0441\u0438\u043b\u0438\u0432\u0430\u0442\u044c \u0441\u0432\u043e\u044e \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0441\u0442\u044c \u043a DDoS \u0440\u0430\u0437\u043d\u043e\u043e\u0431\u0440\u0430\u0437\u043d\u044b\u043c\u0438 \u043c\u0435\u0442\u043e\u0434\u0430\u043c\u0438.\n\nCloudflare \u0432 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e\u043c \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0438 \u0443\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u0443\u043c\u0430\u043b\u0447\u0438\u0432\u0430\u043d\u0438\u0435 \u043e\u0431 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u043b\u043e\u0441\u044c \u0431\u043e\u043b\u0435\u0435 \u043c\u0435\u0441\u044f\u0446\u0430, \u0447\u0442\u043e\u0431\u044b \u0434\u0430\u0442\u044c \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430\u043c \u0441\u0438\u0441\u0442\u0435\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0431\u043e\u043b\u044c\u0448\u0435 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u043d\u0430 \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435.\n\n\u00ab\u0421\u0435\u0433\u043e\u0434\u043d\u044f \u043d\u0430\u0441\u0442\u0443\u043f\u0438\u043b \u0442\u043e\u0442 \u0434\u0435\u043d\u044c, \u043a\u043e\u0433\u0434\u0430 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e\u0431 \u044d\u0442\u043e\u0439 \u0443\u0433\u0440\u043e\u0437\u0435\u00bb \u2014 \u0437\u0430\u043a\u043b\u044e\u0447\u0438\u043b\u0438 \u0432 Cloudflare.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-10-11T05:27:00.000000Z"}, {"uuid": "c2bc6de0-1e64-482b-bb26-23e9014610bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/272", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-6596\n\ud83d\udd39 Description: An incomplete fix was shipped for the Rapid Reset (CVE-2023-44487/CVE-2023-39325) vulnerability for an OpenShift Containers.\n\ud83d\udccf Published: 2024-04-25T16:00:24.215Z\n\ud83d\udccf Modified: 2025-01-06T22:01:20.326Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2024:0485\n2. https://access.redhat.com/errata/RHSA-2024:0682\n3. https://access.redhat.com/security/cve/CVE-2023-6596\n4. https://bugzilla.redhat.com/show_bug.cgi?id=2253521", "creation_timestamp": "2025-01-06T22:38:24.000000Z"}, {"uuid": "8cc2f7c3-d7bc-4d7a-a1fc-71012c1150e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5259", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12698\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: An incomplete fix for ose-olm-catalogd-container was issued for the Rapid Reset Vulnerability (CVE-2023-39325/CVE-2023-44487) where only unauthenticated streams were protected, not streams created by authenticated sources.\n\ud83d\udccf Published: 2024-12-18T05:07:21.026Z\n\ud83d\udccf Modified: 2025-02-25T08:07:40.863Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2024:6122\n2. https://access.redhat.com/security/cve/CVE-2024-12698\n3. https://bugzilla.redhat.com/show_bug.cgi?id=2332674", "creation_timestamp": "2025-02-25T08:25:23.000000Z"}, {"uuid": "eeca493d-39d2-461b-9788-e609d9a41a8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/eiq80vTfK0uEvpSaVkLstXl9YEDfyEgGUyA39bKhe3J3sOM", "content": "", "creation_timestamp": "2026-04-24T09:00:04.000000Z"}, {"uuid": "f40d6f25-5ef4-4536-9566-d7e4b73c6073", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/ArabGathering/2006", "content": "\u0627\u0641\u0636\u0644 \u0627\u062f\u0627\u0647 \u0644\u0641\u062d\u0635 \u062b\u063a\u0631\u0627\u062a \u0627\u0644\u0645\u0648\u0627\u0642\u0639 2023 \u0644\u0645\u0633\u062a\u062e\u062f\u0645\u064a\u0646 Kali Linux\n\nhttps://github.com/bcdannyboy/CVE-2023-44487", "creation_timestamp": "2024-02-05T12:49:03.000000Z"}, {"uuid": "9ea76ce0-a1dc-4915-98d2-8c4fa971bacd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/eXCe_Fixxed/109130", "content": "# DD0S CVE List by Layer 3/4/7\n\n##  Layer 3 (Network) - ICMP, IP, NDP\n\n# 2020\n- CVE-2020-16898  > Windows TCP/IP \"Bad Neighbor\" - ICMPv6 ping of death (DoS via BSOD)\n\n##  Layer 4 (Transport) - TCP, UDP\n\n# 2013\n- CVE-2013-5211  > NTP Amplification Attack via 'monlist' (UDP-based)\n\n# 2016\n- CVE-2016-9244  > Cisco VPN IKEv1 flood (UDP port 500 DoS)\n\n# 2018\n- CVE-2018-1000115  > Memcached UDP Amplification (reflection attack)\n\n# 2018\n- CVE-2018-0171  > Cisco Smart Install DoS (TCP port 4786)\n\n##  Layer 7 (Application) - HTTP, NTP, Memcached, API\n\n# 2021\n- CVE-2021-22986  > F5 BIG-IP iControl REST unauth DoS/RCE (API abuse)\n\n# 2023\n- CVE-2023-44487  > HTTP/2 Rapid Reset Attack - stream reset flooding\n\n# 2024\n- CVE-2024-29269  > Telesquare LTE Router Cmd Injection (dapat digunakan untuk DoS chaining) {New Cve Bug}", "creation_timestamp": "2025-08-03T06:11:01.000000Z"}, {"uuid": "38201630-ee30-45d6-aa50-2807547df155", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/eXCe_Fixxed/502", "content": "# DD0S CVE List by Layer 3/4/7\n\n##  Layer 3 (Network) - ICMP, IP, NDP\n\n# 2020\n- CVE-2020-16898  > Windows TCP/IP \"Bad Neighbor\" - ICMPv6 ping of death (DoS via BSOD)\n\n##  Layer 4 (Transport) - TCP, UDP\n\n# 2013\n- CVE-2013-5211  > NTP Amplification Attack via 'monlist' (UDP-based)\n\n# 2016\n- CVE-2016-9244  > Cisco VPN IKEv1 flood (UDP port 500 DoS)\n\n# 2018\n- CVE-2018-1000115  > Memcached UDP Amplification (reflection attack)\n\n# 2018\n- CVE-2018-0171  > Cisco Smart Install DoS (TCP port 4786)\n\n##  Layer 7 (Application) - HTTP, NTP, Memcached, API\n\n# 2021\n- CVE-2021-22986  > F5 BIG-IP iControl REST unauth DoS/RCE (API abuse)\n\n# 2023\n- CVE-2023-44487  > HTTP/2 Rapid Reset Attack - stream reset flooding\n\n# 2024\n- CVE-2024-29269  > Telesquare LTE Router Cmd Injection (dapat digunakan untuk DoS chaining) {New Cve Bug}", "creation_timestamp": "2025-08-03T06:11:01.000000Z"}, {"uuid": "a1c9dc38-3a0d-48c6-97a7-ec55eb452e9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5404", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aTool for testing mitigations and exposure to Rapid Reset DDoS (CVE-2023-44487)\nURL\uff1ahttps://github.com/secengjeff/rapidresetclient\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-13T23:58:05.000000Z"}, {"uuid": "f09df0e3-98cf-4ee2-97d1-3f0122302350", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/poxek/5447", "content": "MadeYouReset: \u041d\u043e\u0432\u0430\u044f HTTP/2 DoS \u0430\u0442\u0430\u043a\u0430, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0443\u0436\u0435 \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u043b\u0438\n#research #http2 #http1 #http #DoS #CVE\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u0422\u0435\u043b\u044c-\u0410\u0432\u0438\u0432\u0441\u043a\u043e\u0433\u043e \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0438\u0442\u0435\u0442\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043d\u043e\u0432\u0443\u044e HTTP/2 DoS \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c MadeYouReset (CVE-2025-8671). \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e, \u0447\u0442\u043e \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u043a\u0440\u0443\u043f\u043d\u044b\u0445 \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u043e\u0432 \u0443\u0436\u0435 \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u044b \u043e\u0442 \u043d\u0435\u0451 \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u043c\u0435\u0440\u0430\u043c \u043f\u0440\u043e\u0442\u0438\u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e\u0434\u043d\u0435\u0439 \u0430\u0442\u0430\u043a\u0438 Rapid Reset.\n\nHTTP/2 stream reset - \u044d\u0442\u043e \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u0443 \u043e\u0442\u043c\u0435\u043d\u0438\u0442\u044c HTTP-\u0437\u0430\u043f\u0440\u043e\u0441 \u0434\u043e \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043e\u0442\u0432\u0435\u0442\u0430 \u043e\u0442 \u0441\u0435\u0440\u0432\u0435\u0440\u0430. \u041f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u044c\u0442\u0435 \u044d\u0442\u043e \u043a\u0430\u043a \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0441\u043a\u0430\u0437\u0430\u0442\u044c \"\u043d\u0435\u0432\u0430\u0436\u043d\u043e\" \u043e\u0444\u0438\u0446\u0438\u0430\u043d\u0442\u0443, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0443\u0436\u0435 \u043f\u043e\u0448\u0451\u043b \u043d\u0430 \u043a\u0443\u0445\u043d\u044e \u0441 \u0432\u0430\u0448\u0438\u043c \u0437\u0430\u043a\u0430\u0437\u043e\u043c. \u041f\u043e\u043b\u0435\u0437\u043d\u0430\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u044f, \u0432\u0435\u0434\u044c \u0435\u0451 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0430\u0442\u0430\u043a))\n\n\u0420\u0430\u0437\u043d\u0438\u0446\u0430 \u0441 Rapid Reset:\n\nRapid Reset (CVE-2023-44487) \u0440\u0430\u0431\u043e\u0442\u0430\u043b \u0447\u0435\u0440\u0435\u0437 \u043f\u0440\u044f\u043c\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0441\u0431\u0440\u043e\u0441\u0430 \u043f\u043e\u0442\u043e\u043a\u043e\u0432 - \u043a\u043b\u0438\u0435\u043d\u0442 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u043b \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0438 \u0441\u0440\u0430\u0437\u0443 \u0438\u0445 \u043e\u0442\u043c\u0435\u043d\u044f\u043b, \u0437\u0430\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u0441\u0435\u0440\u0432\u0435\u0440 \u0442\u0440\u0430\u0442\u0438\u0442\u044c \u0440\u0435\u0441\u0443\u0440\u0441\u044b \u0432\u043f\u0443\u0441\u0442\u0443\u044e.\n\nMadeYouReset \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 \u0445\u0438\u0442\u0440\u044b\u0439 \u043f\u043e\u0434\u0445\u043e\u0434: \u0432\u043c\u0435\u0441\u0442\u043e \u043f\u0440\u044f\u043c\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u0441\u0431\u0440\u043e\u0441\u0430 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0438\u0441\u043a\u0430\u0436\u0435\u043d\u043d\u044b\u0435 HTTP/2 frames, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u0430\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u0441\u0430\u043c \u0441\u0435\u0440\u0432\u0435\u0440 \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0431\u0440\u043e\u0441 \u043f\u043e\u0442\u043e\u043a\u043e\u0432. \u042d\u0442\u043e \u043a\u0430\u043a \u043f\u043e\u0434\u0441\u0443\u043d\u0443\u0442\u044c \u043e\u0444\u0438\u0446\u0438\u0430\u043d\u0442\u0443 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u0439 \u0437\u0430\u043a\u0430\u0437, \u0447\u0442\u043e\u0431\u044b \u043e\u043d \u0441\u0430\u043c \u0435\u0433\u043e \u043e\u0442\u043c\u0435\u043d\u0438\u043b.\n\n\u27a1\ufe0f\u041c\u0435\u0445\u0430\u043d\u0438\u0437\u043c \u0430\u0442\u0430\u043a\u0438:\n\n\u0428\u0430\u0433 1: \u0421\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f\n\u0410\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 HTTP/2 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0435 \u0441 \u0446\u0435\u043b\u0435\u0432\u044b\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c.\n\n\u0428\u0430\u0433 2: \u041e\u0442\u043f\u0440\u0430\u0432\u043a\u0430 malformed frames\n\u041a\u043b\u0438\u0435\u043d\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0438\u0441\u043a\u0430\u0436\u0435\u043d\u043d\u044b\u0435 control frames, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0430\u0440\u0443\u0448\u0430\u044e\u0442 \u0441\u043f\u0435\u0446\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e HTTP/2.\n\n\u0428\u0430\u0433 3: \u041f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 reset\n\u0421\u0435\u0440\u0432\u0435\u0440, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u044b\u0435 frames, \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u0443\u0435\u0442 \u0441\u0431\u0440\u043e\u0441 \u043f\u043e\u0442\u043e\u043a\u043e\u0432 \u0434\u043b\u044f \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0430\u043d\u0438\u044f \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f.\n\n\u0428\u0430\u0433 4: \u0418\u0441\u0442\u043e\u0449\u0435\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432\n\u041c\u0430\u0441\u0441\u043e\u0432\u044b\u0435 \u043f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0441\u0431\u0440\u043e\u0441\u044b \u043f\u043e\u0442\u043e\u043a\u043e\u0432 \u043f\u0435\u0440\u0435\u0433\u0440\u0443\u0436\u0430\u044e\u0442 \u0441\u0435\u0440\u0432\u0435\u0440, \u043f\u0440\u0438\u0432\u043e\u0434\u044f \u043a \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438.\n\n\u27a1\ufe0f\u0418\u043d\u0442\u0435\u0440\u0435\u0441\u0442\u0438\u043d\u0433 \u043c\u043e\u043c\u0435\u043d\u0442\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e HTTP/2 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0439. \u0411\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u043a\u0440\u0443\u043f\u043d\u044b\u0445 \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u043e\u0432 (Cloudflare, AWS, Google) \u0443\u0436\u0435 \u0438\u043c\u0435\u044e\u0442 \u0437\u0430\u0449\u0438\u0442\u0443 \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f DoS'\u0430\u043c 2 \u0433\u043e\u0434\u0430 \u043d\u0430\u0437\u0430\u0434 \u0447\u0435\u0440\u0435\u0437 Rapid Reset.\n\n\u27a1\ufe0f\u0417\u0430\u0449\u0438\u0442\u043d\u044b\u0435 \u043c\u0435\u0440\u044b:\n\n\u0414\u043b\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432:\n- \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 HTTP/2 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439\n- \u041f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 rate limiting \u0434\u043b\u044f HTTP/2 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0439\n- \u041c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433 \u0430\u043d\u043e\u043c\u0430\u043b\u044c\u043d\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 stream reset\n\n\u041f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0435\u0440\u0441\u0438\u0438:\n# \u041f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0435\u0440\u0441\u0438\u0438 nginx \u0441 HTTP/2\nnginx -V | grep http_v2\n\n# \u041f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 Apache HTTP/2 \u043c\u043e\u0434\u0443\u043b\u044f\napache2ctl -M | grep http2\n\n# \u041c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433 HTTP/2 stream resets\nnetstat -i | grep RST\n\n\ud83d\udd17\u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438:\n- Cloudflare Blog\n- CVE-2025-8671\n\n\ud83c\udf1a @poxek | \ud83c\udf1a \u0411\u043b\u043e\u0433 | \ud83d\udcfa YT | \ud83d\udcfa RT | \ud83d\udcfa VK", "creation_timestamp": "2025-08-20T07:23:20.000000Z"}, {"uuid": "182e7880-d19d-4ca7-b662-7bfff6520421", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/142295", "content": "https://ift.tt/Rn2XP9S\nDangerous vulnerability can be exploited to carry out massive DDoS attacks (CVE-2023-44487)", "creation_timestamp": "2023-10-10T17:18:13.000000Z"}, {"uuid": "0f07fd36-a757-4b8a-aabc-073f209f35b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/cvedetector/13160", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12698 - Rapid Reset Unauthenticated Stream Encryption Weakness in OpenShift Enterprise OSE-OLM-Catalogd Container\", \n  \"Content\": \"CVE ID : CVE-2024-12698 \nPublished : Dec. 18, 2024, 5:15 a.m. | 43\u00a0minutes ago \nDescription : An incomplete fix for ose-olm-catalogd-container was issued for the Rapid Reset Vulnerability (CVE-2023-39325/CVE-2023-44487) where only unauthenticated streams were protected, not streams created by authenticated sources. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-18T07:00:06.000000Z"}, {"uuid": "3ee55500-b2fe-4f5a-b5fa-9eb9ea75170c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/142410", "content": "https://ift.tt/VQflzaC\nCVE-2023-44487 HTTP/2 Rapid Reset Attack", "creation_timestamp": "2023-10-11T00:11:40.000000Z"}, {"uuid": "5bbf9947-6efc-4e30-bd11-d31e6af5e188", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/qbmK9fYth1axrfdAHmjfhl8REmMqRFPuHZYTAd9zR7ZU", "content": "", "creation_timestamp": "2023-10-22T23:25:00.000000Z"}, {"uuid": "e939ef7c-c794-4220-bae5-1cd8976b1e4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "Telegram/kNLzawh1rwAujtz08dotqTVZcSbN4F51xL0g4fLomfhOjP0", "content": "", "creation_timestamp": "2025-03-22T10:52:29.000000Z"}, {"uuid": "15f49ac7-5db6-4c13-8a8e-1043bf62b46a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/2421", "content": "#exploit\n1. CVE-2025-0108:\nNginx/Apache Path Confusion to Auth Bypass in PAN-OS\nhttps://slcyber.io/blog/nginx-apache-path-confusion-to-auth-bypass-in-pan-os\n\n2. CVE-2024-42009:\nStored XSS in Roundcube Webmail\nhttps://github.com/0xbassiouny1337/CVE-2024-42009\n\n3. CVE-2022-41741, CVE-2022-41742, CVE-2023-44487 Check Script:\nhttps://github.com/moften/CVE-2022-4174_CVE-2022-41742", "creation_timestamp": "2025-02-13T06:00:18.000000Z"}, {"uuid": "ecc17044-98c2-49f3-a917-7bbebb26867d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "Telegram/to4DFz49TeVMD13kMcjgDTlCQdMclkipo0xv3_UOuHSUk6Rm", "content": "", "creation_timestamp": "2025-03-08T04:35:52.000000Z"}, {"uuid": "f2260789-bf83-4edf-a021-746f7ac92622", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "Telegram/2gfOevRfGxWg7m4YnRYekAswaHacdDlG0r5VQWh5yloD6OA", "content": "", "creation_timestamp": "2024-05-24T01:37:47.000000Z"}, {"uuid": "3eeeb0c1-06cd-4b2d-b9c3-f1a7668551fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/nGbKgSILWzgIOXDvUaueKVD8bw5Qna14SkE3PPURSmNJ", "content": "", "creation_timestamp": "2023-10-22T23:24:11.000000Z"}, {"uuid": "25bdee97-9172-476e-82f1-e086c2951f00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/6638", "content": "#exploit\n1. CVE-2025-0108:\nNginx/Apache Path Confusion to Auth Bypass in PAN-OS\nhttps://slcyber.io/blog/nginx-apache-path-confusion-to-auth-bypass-in-pan-os\n\n2. CVE-2024-42009:\nStored XSS in Roundcube Webmail\nhttps://github.com/0xbassiouny1337/CVE-2024-42009\n\n3. CVE-2022-41741, CVE-2022-41742, CVE-2023-44487 Check Script:\nhttps://github.com/moften/CVE-2022-4174_CVE-2022-41742", "creation_timestamp": "2025-02-13T06:00:18.000000Z"}, {"uuid": "a4a6ad08-701a-4f73-9963-c89662522aa8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "Telegram/r4GccpksLBMuYW9OyJasEmA9bvNZyF1cM7eREPcCtwyRDg", "content": "", "creation_timestamp": "2023-11-06T20:02:46.000000Z"}, {"uuid": "b31d1ac7-9828-4c7e-b1af-6690fc2ff3f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "Telegram/GBahda7mYIxvfaDNfj8-SSU2d16LU5UYSpMKXBkR3Vhvh9Zg", "content": "", "creation_timestamp": "2023-12-03T17:00:22.000000Z"}, {"uuid": "144a7d9d-c336-443a-855e-a1792bbee193", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44483", "type": "seen", "source": "https://t.me/cibsecurity/72687", "content": "\u203c CVE-2023-44483 \u203c\n\nAll versions of Apache Santuario - XML Security for Java prior to 2.2.6, 2.3.4, and 3.0.3, when using the JSR 105 API, are vulnerable to an issue where a private key may be disclosed in log files when generating an XML Signature and logging with debug level is enabled.\u00c2\u00a0Users are recommended to upgrade to version 2.2.6, 2.3.4, or 3.0.3, which fixes this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-11-21T07:13:10.000000Z"}, {"uuid": "4f9519df-8d6a-4162-ad70-1d0e123a5c8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/CZg38d-LlgC4W2LP8NEHb37WHgQN_h5xJ4fjDzzdSDLX", "content": "", "creation_timestamp": "2023-10-23T16:44:42.000000Z"}, {"uuid": "92902834-14af-462c-b404-8392bc6ede2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "Telegram/B_mIs0mKeaeXdym4glAe9vqmtPEkdqD4fk6zNXoJEG97mJNi", "content": "", "creation_timestamp": "2023-10-14T22:22:17.000000Z"}, {"uuid": "2964d68a-3393-41c2-b1ff-ac452b9d2796", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/889", "content": "\u26a1 Beware of the HTTP/2 Rapid Reset attack! \n\nA novel zero-day flaw is being exploited to launch record-breaking distributed DDoS attacks. \n\nFind out more here: https://thehackernews.com/2023/10/http2-rapid-reset-zero-day.html \n\nLearn how AWS, Cloudflare, and Google are addressing CVE-2023-44487.", "creation_timestamp": "2023-10-10T17:32:14.000000Z"}, {"uuid": "368190e1-d42a-4819-b694-de81c8861da4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/HVMsYUWTr9m-Towup_bLUqjBTT3mshvZui_eiU4s3oRGdI8", "content": "", "creation_timestamp": "2023-12-06T13:08:09.000000Z"}, {"uuid": "d8263b70-02df-4137-abda-9edfd12ba62c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/Githuseo/260", "content": "https://github.com/bcdannyboy/CVE-2023-44487\n\u57fa\u672c\u6f0f\u6d1e\u626b\u63cf\uff0c\u67e5\u770b Web \u670d\u52a1\u5668\u662f\u5426\u5bb9\u6613\u53d7\u5230 CVE-2023-44487 \u7684\u653b\u51fb", "creation_timestamp": "2023-10-14T06:16:19.000000Z"}, {"uuid": "fcbb4c43-fe19-4fea-8c3f-ac6d895bd782", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/RipperSec/712", "content": "\u0633\u0652\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0645\u0650 \u0627\u0644\u0644\u0647\u0650 \u0627\u0644\u0631\u064e\u0651\u062d\u0652\u0645\u064e\u0646\u0650 \u0627\u0644\u0631\u064e\u0651\u062d\u0650\u064a\u0652\u0645\u0650\n\u0627\u0644\u0644\u0647 \u0623\u0643\u0628\u0631\u00a0\u00a0\u0627\u0644\u0644\u0647 \u0623\u0643\u0628\u0631\u00a0\u00a0\u0627\u0644\u0644\u0647 \u0623\u0643\u0628\u0631\n\u0625\u0646 \u0634\u0627\u0621 \u0627\u0644\u0644\u0647\n\nTarget : https://bankjerusalem.co.il\nIP : 66.22.119.20\nHostname : 66.22.119.20\nISP : Redware Inc & Dc Protection Ltd\nInfo: No WAF detected by the generic detection\n\nPORT : 53 filtered domain\nPORT : 80 http\nPORT : 443 https \nMETHOD : TCP/UDP\nDomain : isoc.org.il 51.17.123.48 \nASN: AS16509 \nCountry: IL \nCity: TEL AVIV \nDomain: Amazonaws.com | IIX.NET.IL | ISOC.org.il | \nPorts: 80 | 443 | \nHTTP Status: 301 | \nProvider: Amazon.com, Inc. \nOrganization: A100 Row Inc \nPossible vulnerabilities: CVE-2021-3618 | CVE-2023-44487 |\n\nGreetz:- All Muslim Hackers\n\n#TengkorakCyberCrew \n#EagleCyberCrew\n#RipperSec\n#KhalifahCyberCrew\n#HelangMerahGroup \n#LaskarPembebasanPalestina\n#TeamCyberAbabil\n#Cyberwar PaLestiNe 3.0\n#TABM MALAYSIA-PALESTINE (MyPA)\n\nCome join us!!\nhttps://t.me/MalaysiaHacktivist\nhttps://t.me/MalaysiaHacktivistz", "creation_timestamp": "2024-02-12T14:43:23.000000Z"}, {"uuid": "f9c4bd82-8810-409f-b298-fa81eb91b1d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/arpsyndicate/4903", "content": "#ExploitObserverAlert\n\nCVE-2023-44487\n\nDESCRIPTION: Exploit Observer has 430 entries in 26 file formats related to CVE-2023-44487. The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.\n\nFIRST-EPSS: 0.739260000\nNVD-IS: 3.6\nNVD-ES: 3.9\nARPS-PRIORITY: 0.7642706", "creation_timestamp": "2024-05-02T21:31:29.000000Z"}, {"uuid": "521960a3-9f55-42a7-846a-4303d217a000", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/arpsyndicate/1965", "content": "#ExploitObserverAlert\n\nCVE-2023-44487\n\nDESCRIPTION: Exploit Observer has 85 entries related to CVE-2023-44487. The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.\n\nFIRST-EPSS: 0.601570000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-12-18T10:40:38.000000Z"}, {"uuid": "b2d190ea-fba9-4750-81f3-a13a087111d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/arpsyndicate/1807", "content": "#ExploitObserverAlert\n\nCVE-2023-44487\n\nDESCRIPTION: Exploit Observer has 85 entries related to CVE-2023-44487. The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.\n\nFIRST-EPSS: 0.601570000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-12-12T12:09:50.000000Z"}, {"uuid": "81d1fc8e-ff6b-4c4d-9a61-5774bedc93c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "Telegram/VFcH9B5JY0UbDEuI_6uPR4ZyxdeHpWL3DIgaSyeDZpcSYg", "content": "", "creation_timestamp": "2023-10-10T17:52:37.000000Z"}, {"uuid": "aedbd4e6-7dba-43a2-983c-b5a2f9d3bbbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/nodejsleaks/347", "content": "Private | Custom method | Node.JS\n(Using HTTP/2 Rapid-Reset) [Exploit CVE-2023-44487]\n- Method bypass HTTP-DDoS \n- Method sending big requests/s\n- Using 1 server for graph (8 core | 32 ram | 1 gb/port)\n- More: 8 threads | 128 rate | 5 connections\n\nRegards, @mitigations \u263a\ufe0f", "creation_timestamp": "2023-11-26T00:44:52.000000Z"}, {"uuid": "d78edd4a-6bac-44c3-be95-d8d268f7e81b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/-AN5Wb8nooNX5gMsGMlz_MhqzDd5BvuXA1c7foEp2HLAQVoEiA", "content": "", "creation_timestamp": "2025-03-24T17:54:12.000000Z"}, {"uuid": "02856129-72ef-44fc-a947-83fe51dd3c57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/arpsyndicate/65", "content": "#ExploitObserverAlert\n\nCVE-2023-44487\n\nDESCRIPTION: Exploit Observer has 54 entries related to CVE-2023-44487. The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.\n\nFIRST-EPSS: 0.527480000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-11-10T22:12:13.000000Z"}, {"uuid": "1487f790-157c-42b8-97f5-cbcd45d39811", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/GhostClanOfficial/646", "content": "DDoS methods\n\n1. Find the target domain example.com\n\n2. Try ping to see the IP: ping domain.com\n\n3. Copy the IP address and search near iplocation.net\n\n4. Look at the IP location that points to the correct country or not.\n\n5. If the IP points to the right country, most likely the server is there and can continue the DoS attack with Hping3, LOIC, RUDY and others.\n\n6. If the IP points to a cloud such as google, aws, akamai or waf such as cloudflare, imperva and others, then it cannot be DDoS because it is not the correct IP.\n\n7. To get the correct IP, you can see his DNS records at intodns.com/  . Scroll to look at SOA, MX and CNAME records.\n\n8. Try searching each IP at iplocation.net to see if it points to the correct country or not.\n\n9. Then if it is correct, repeat step 5 earlier. If there is no IP that points to the correct server or country, then look for another target.\n\nGood luck.\n\nViva Operation Israel Hackers!\n\n#Oplsrael - #FreePalestine - #AntiZionism - #Fucklsrael - #Anonymous\n\nhttps://github.com/sp00fing/ddos/blob/main/Layer-7/XML-RPC-Pingback-C/xml\n\nhttps://github.com/MatrixTM/MHDDoS\n\nhttps://ufonet.03c8.net/\n\nhttps://github.com/R00tS3c/DDOS-RootSec\n\nhttps://github.com/LimerBoy/Impulse\n\nlatest 0day for Ddos \n\nCVE-2023-44487\n\nGHOSTS of Palestine \ud83c\uddf5\ud83c\uddf8", "creation_timestamp": "2023-10-14T02:29:27.000000Z"}, {"uuid": "86dbd8bb-d7b1-4ea0-9fcc-fb9eaf272b8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "Telegram/vO0O31bLCGt8dsAHeykDxjvD1rdqLB0PRbsJDam8FXp0AeE", "content": "", "creation_timestamp": "2025-02-02T06:12:15.000000Z"}, {"uuid": "019c7fb0-ed61-4b7f-b9bc-a8f6c88d78f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/3j8I0isFmLAbte1B6AblKmXFCQRKV1G1C2a7XeAcW0NPN4blEg", "content": "", "creation_timestamp": "2024-08-15T17:04:56.000000Z"}, {"uuid": "6f571705-200e-44e4-bf01-1a92b44e8566", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/LiberationofAlAqsa/905", "content": "\u0627\u0641\u0636\u0644 \u0627\u062f\u0627\u0647 \u0644\u0641\u062d\u0635 \u062b\u063a\u0631\u0627\u062a \u0627\u0644\u0645\u0648\u0627\u0642\u0639 2023 \u0644\u0645\u0633\u062a\u062e\u062f\u0645\u064a\u0646 Kali Linux\n\nhttps://github.com/bcdannyboy/CVE-2023-44487", "creation_timestamp": "2023-12-06T08:20:41.000000Z"}, {"uuid": "03d74977-9c30-43f6-86d0-9a32a4c82cd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/tdSiYql22npcty9iPwOM0bQpYA2KFxntFACu-Cz8kZF6tTA", "content": "", "creation_timestamp": "2023-10-12T07:19:05.000000Z"}, {"uuid": "8e7b485e-7de6-4c24-9246-7367492741cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "Telegram/HyzQRr244NBXwXjpKZdXabuhBv6fwfetR_-gT7B2VI_Bgw0RAQ", "content": "", "creation_timestamp": "2025-01-19T11:49:25.000000Z"}, {"uuid": "8fb6dc51-ac65-442b-ad5b-fbc4981374b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "Telegram/Rk-2-MiKSRGO20vlyKqEDzRfwRCTNRmhpRVm2GIEz2ghE7giMw", "content": "", "creation_timestamp": "2025-01-19T11:41:40.000000Z"}, {"uuid": "93efd626-b250-4d5f-98fd-0523ae4cb559", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/gcfu4uTEIg28qWTvcVOCKT3PEjHzicQ5yB2xIu5kEy-ne1tA", "content": "", "creation_timestamp": "2023-12-12T10:37:24.000000Z"}, {"uuid": "aa2881c7-1313-43c8-9bab-cbb2ac1be955", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "Telegram/0q0wDMSotjqkkaTjo-wpulHVh7Xs1Oq3u_HHQm_rYiQEfKI", "content": "", "creation_timestamp": "2023-10-12T07:00:13.000000Z"}, {"uuid": "8931c6ac-2c02-4ea4-b57b-ac7371748936", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "Telegram/NmGuvqrxR56psaGwEYBH3Ex1ej1rR6FgCU_OcnrJpJ0j92g", "content": "", "creation_timestamp": "2023-10-12T04:56:06.000000Z"}, {"uuid": "c6f928a0-a754-4d6c-9e73-98357678f96a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/40", "content": "\u26a1 Beware of the HTTP/2 Rapid Reset attack! \n\nA novel zero-day flaw is being exploited to launch record-breaking distributed DDoS attacks. \n\nFind out more here: https://thehackernews.com/2023/10/http2-rapid-reset-zero-day.html \n\nLearn how AWS, Cloudflare, and Google are addressing CVE-2023-44487.", "creation_timestamp": "2023-10-10T17:32:14.000000Z"}, {"uuid": "6268b36e-8bee-4c44-874b-f5b1b2ddadad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/9N9r8ZPqLAugg6RT8SXcczSP20TZGse6ot0ZEzE89QFl45o", "content": "", "creation_timestamp": "2023-10-12T14:00:35.000000Z"}, {"uuid": "669d8567-6915-488f-b104-ab55d65704df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/KomunitiSiber/914", "content": "HTTP/2 Rapid Reset Zero-Day Vulnerability Exploited to Launch Record DDoS Attacks\nhttps://thehackernews.com/2023/10/http2-rapid-reset-zero-day.html\n\nAmazon Web Services (AWS), Cloudflare, and Google on Tuesday said they took steps to mitigate record-breaking distributed denial-of-service (DDoS) attacks that relied on a novel technique called HTTP/2 Rapid Reset.\nThe\u00a0layer 7 attacks\u00a0were detected in late August 2023, the companies said in a coordinated disclosure. The cumulative susceptibility to this attack is being tracked as\u00a0CVE-2023-44487,", "creation_timestamp": "2023-10-10T18:01:38.000000Z"}, {"uuid": "8322e892-c5af-49a2-a9fd-c1b963013597", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/itARMYofUkraine2022_INT/27624", "content": "Google \u0442\u0430 Amazon \u043d\u0435\u0449\u043e\u0434\u0430\u0432\u043d\u043e \u0432\u0456\u0434\u0431\u0438\u043b\u0438 \u043d\u0430\u0439\u0431\u0456\u043b\u044c\u0448\u0443 \u0432 \u0456\u0441\u0442\u043e\u0440\u0456\u0457 DDoS-\u0430\u0442\u0430\u043a\u0443 \u0437 \u043f\u0456\u043a\u043e\u043c \u0443 398 \u043c\u0456\u043b\u044c\u0439\u043e\u043d\u0456\u0432 \u0437\u0430\u043f\u0438\u0442\u0456\u0432 \u0437\u0430 \u0441\u0435\u043a\u0443\u043d\u0434\u0443, \u0432\u0438\u043a\u043e\u0440\u0438\u0441\u0442\u043e\u0432\u0443\u044e\u0447\u0438 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u0456\u0441\u0442\u044c \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0443 HTTP/2. \u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0454\u0442\u044c\u0441\u044f \u043d\u0435\u0433\u0430\u0439\u043d\u043e \u043e\u043d\u043e\u0432\u0438\u0442\u0438 \u0432\u0441\u0456 \u0456\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u0441\u0435\u0440\u0432\u0456\u0441\u0438 \u0434\u043b\u044f \u0443\u0441\u0443\u043d\u0435\u043d\u043d\u044f \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0456 CVE-2023-44487, \u0449\u043e\u0431 \u0437\u0430\u043f\u043e\u0431\u0456\u0433\u0442\u0438 \u043f\u043e\u0434\u0456\u0431\u043d\u0438\u043c \u0437\u0430\u0433\u0440\u043e\u0437\u0430\u043c. \u041c\u0430\u0441\u0448\u0442\u0430\u0431 \u0442\u0430 \u0441\u043a\u043b\u0430\u0434\u043d\u0456\u0441\u0442\u044c \u0442\u0430\u043a\u0438\u0445 \u0430\u0442\u0430\u043a \u0441\u0442\u0440\u0456\u043c\u043a\u043e \u0437\u0440\u043e\u0441\u0442\u0430\u044e\u0442\u044c, \u0449\u043e \u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0437\u043d\u0430\u0447\u043d\u0438\u0439 \u0440\u0438\u0437\u0438\u043a \u0434\u043b\u044f \u0432\u0441\u0435\u0441\u0432\u0456\u0442\u043d\u044c\u043e\u0457 \u043e\u043d\u043b\u0430\u0439\u043d-\u0456\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0438. \u041e\u043d\u043e\u0432\u043b\u044e\u0439\u0442\u0435\u0441\u044c \u0442\u0430 \u0437\u0430\u0445\u0438\u0449\u0430\u0439\u0442\u0435 \u0441\u0432\u043e\u0457 \u0441\u0438\u0441\u0442\u0435\u043c\u0438.\n\n\u041f\u0440\u0438\u0454\u0434\u043d\u0443\u0439\u0442\u0435\u0441\u044c \u0434\u043e \u043d\u0430\u0448\u043e\u0433\u043e \u0447\u0430\u0442\u0443 \u0434\u043b\u044f \u0448\u0432\u0438\u0434\u043a\u043e\u0457 \u043a\u0456\u0431\u0435\u0440\u0434\u043e\u043f\u043e\u043c\u043e\u0433\u0438.\n--\nGoogle and Amazon recently thwarted the largest DDoS attack ever, peaking at 398 million requests per second, exploiting HTTP/2 protocol vulnerability. Urgent action is advised for all internet-facing services to patch against CVE-2023-44487 to prevent similar threats. The scale and sophistication of such attacks are rapidly growing, representing a significant risk to online infrastructure globally. Stay updated on patches and safeguard your systems.\n\nJoin our chat for quick cyberhelp.", "creation_timestamp": "2023-11-10T09:04:41.000000Z"}, {"uuid": "04d2765a-d795-4abb-bcee-a1019c9fe2c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/IYQCJdoDg1iSlKbn8ZslzoAumxbXC4NXxOL9Gs1tonDBX0k", "content": "", "creation_timestamp": "2025-01-19T15:39:14.000000Z"}, {"uuid": "fa9fefc1-1a06-4a56-b21e-ddd7c163c998", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/qDzkx44siSc8n4X8sjQ5ZjiFphGSFajZZfESRCa-0oTFNSE", "content": "", "creation_timestamp": "2025-04-23T05:00:06.000000Z"}, {"uuid": "552f2b7b-7141-4961-a88e-2d8a2ebe66d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/ZJp_VCEhaga9OM9NBvz45K3ssC6nL69JeV_dGqoHwNSpsGU", "content": "", "creation_timestamp": "2025-04-15T05:00:08.000000Z"}, {"uuid": "8372b2e2-c493-4456-b3b6-3ddf15de3088", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/dkxB3yNasTV2nnby0yGIeEfvEQ0j97pj5WFC2YsD2kZioxQ", "content": "", "creation_timestamp": "2025-02-25T10:00:05.000000Z"}, {"uuid": "a529a5bd-9fc7-4108-8ecb-17bf9749213a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/leak_db2/1220", "content": "Examples for implementing cve-2023-44487\n\nhttps://github.com/nxenon/cve-2023-44487", "creation_timestamp": "2023-11-10T10:18:59.000000Z"}, {"uuid": "d5c4fba7-d720-4355-b5ee-2f57aeb240dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/lVJgfs5XAHvajpl794U45S89a4qLDVmI9MW4eeqQE3QLlDc", "content": "", "creation_timestamp": "2025-02-19T16:00:09.000000Z"}, {"uuid": "da08e68f-7fb9-4e8e-8836-04b4f0614ca1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ashaburroyah313/870", "content": "\u0633\u0652\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0645\u0650 \u0627\u0644\u0644\u0647\u0650 \u0627\u0644\u0631\u064e\u0651\u062d\u0652\u0645\u064e\u0646\u0650 \u0627\u0644\u0631\u064e\u0651\u062d\u0650\u064a\u0652\u0645\u0650\n\u0627\u0644\u0644\u0647 \u0623\u0643\u0628\u0631\u00a0\u00a0\u0627\u0644\u0644\u0647 \u0623\u0643\u0628\u0631\u00a0\u00a0\u0627\u0644\u0644\u0647 \u0623\u0643\u0628\u0631\n\u0625\u0646 \u0634\u0627\u0621 \u0627\u0644\u0644\u0647\n\nTarget : https://bankjerusalem.co.il\nIP : 66.22.119.20\nHostname : 66.22.119.20\nISP : Redware Inc & Dc Protection Ltd\nInfo: No WAF detected by the generic detection\n\nPORT : 53 filtered domain\nPORT : 80 http\nPORT : 443 https \nMETHOD : TCP/UDP\nDomain : isoc.org.il 51.17.123.48 \nASN: AS16509 \nCountry: IL \nCity: TEL AVIV \nDomain: Amazonaws.com | IIX.NET.IL | ISOC.org.il | \nPorts: 80 | 443 | \nHTTP Status: 301 | \nProvider: Amazon.com, Inc. \nOrganization: A100 Row Inc \nPossible vulnerabilities: CVE-2021-3618 | CVE-2023-44487 |\n\nGreetz:- All Muslim Hackers\n\n#TengkorakCyberCrew \n#EagleCyberCrew\n#RipperSec\n#KhalifahCyberCrew\n#HelangMerahGroup \n#LaskarPembebasanPalestina\n#TeamCyberAbabil\n#Cyberwar PaLestiNe 3.0\n#TABM MALAYSIA-PALESTINE (MyPA)\n\nCome join us!!\nhttps://t.me/MalaysiaHacktivist\nhttps://t.me/MalaysiaHacktivistz", "creation_timestamp": "2024-02-12T14:57:44.000000Z"}, {"uuid": "a931c4b4-984d-4b0b-8cc5-8aaa0626c854", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/itarmyofukraine2022/1786", "content": "Google \u0442\u0430 Amazon \u043d\u0435\u0449\u043e\u0434\u0430\u0432\u043d\u043e \u0432\u0456\u0434\u0431\u0438\u043b\u0438 \u043d\u0430\u0439\u0431\u0456\u043b\u044c\u0448\u0443 \u0432 \u0456\u0441\u0442\u043e\u0440\u0456\u0457 DDoS-\u0430\u0442\u0430\u043a\u0443 \u0437 \u043f\u0456\u043a\u043e\u043c \u0443 398 \u043c\u0456\u043b\u044c\u0439\u043e\u043d\u0456\u0432 \u0437\u0430\u043f\u0438\u0442\u0456\u0432 \u0437\u0430 \u0441\u0435\u043a\u0443\u043d\u0434\u0443, \u0432\u0438\u043a\u043e\u0440\u0438\u0441\u0442\u043e\u0432\u0443\u044e\u0447\u0438 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u0456\u0441\u0442\u044c \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0443 HTTP/2. \u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0454\u0442\u044c\u0441\u044f \u043d\u0435\u0433\u0430\u0439\u043d\u043e \u043e\u043d\u043e\u0432\u0438\u0442\u0438 \u0432\u0441\u0456 \u0456\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u0441\u0435\u0440\u0432\u0456\u0441\u0438 \u0434\u043b\u044f \u0443\u0441\u0443\u043d\u0435\u043d\u043d\u044f \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0456 CVE-2023-44487, \u0449\u043e\u0431 \u0437\u0430\u043f\u043e\u0431\u0456\u0433\u0442\u0438 \u043f\u043e\u0434\u0456\u0431\u043d\u0438\u043c \u0437\u0430\u0433\u0440\u043e\u0437\u0430\u043c. \u041c\u0430\u0441\u0448\u0442\u0430\u0431 \u0442\u0430 \u0441\u043a\u043b\u0430\u0434\u043d\u0456\u0441\u0442\u044c \u0442\u0430\u043a\u0438\u0445 \u0430\u0442\u0430\u043a \u0441\u0442\u0440\u0456\u043c\u043a\u043e \u0437\u0440\u043e\u0441\u0442\u0430\u044e\u0442\u044c, \u0449\u043e \u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0437\u043d\u0430\u0447\u043d\u0438\u0439 \u0440\u0438\u0437\u0438\u043a \u0434\u043b\u044f \u0432\u0441\u0435\u0441\u0432\u0456\u0442\u043d\u044c\u043e\u0457 \u043e\u043d\u043b\u0430\u0439\u043d-\u0456\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0438. \u041e\u043d\u043e\u0432\u043b\u044e\u0439\u0442\u0435\u0441\u044c \u0442\u0430 \u0437\u0430\u0445\u0438\u0449\u0430\u0439\u0442\u0435 \u0441\u0432\u043e\u0457 \u0441\u0438\u0441\u0442\u0435\u043c\u0438.\n\n\u041f\u0440\u0438\u0454\u0434\u043d\u0443\u0439\u0442\u0435\u0441\u044c \u0434\u043e \u043d\u0430\u0448\u043e\u0433\u043e \u0447\u0430\u0442\u0443 \u0434\u043b\u044f \u0448\u0432\u0438\u0434\u043a\u043e\u0457 \u043a\u0456\u0431\u0435\u0440\u0434\u043e\u043f\u043e\u043c\u043e\u0433\u0438.\n--\nGoogle and Amazon recently thwarted the largest DDoS attack ever, peaking at 398 million requests per second, exploiting HTTP/2 protocol vulnerability. Urgent action is advised for all internet-facing services to patch against CVE-2023-44487 to prevent similar threats. The scale and sophistication of such attacks are rapidly growing, representing a significant risk to online infrastructure globally. Stay updated on patches and safeguard your systems.\n\nJoin our chat for quick cyberhelp.", "creation_timestamp": "2023-11-10T09:01:52.000000Z"}, {"uuid": "ed872285-81ec-4ee4-b40a-d2d8980cc85c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/proxy_bar/1781", "content": "CVE-2023-44487\n\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 HTTP/2\n\u041f\u043e\u043a\u0430 exploit (\u0437\u0430\u0442\u043e\u0447\u0435\u043d\u043d\u044b\u0439 \u043d\u0430 DOS) \u043f\u043e\u043b\u0437\u0430\u043b \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u043f\u043e\u0434 \u0430\u0442\u0430\u043a\u0443 \u043f\u043e\u043f\u0430\u043b\u0438 Google, AWS, CloudFlare \\ etc\n\u041f\u0438\u043a \u0430\u0442\u0430\u043a\u0438 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u043b 389 000 000 (\u0434\u0430 \u0434\u0430) \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0432 \u0441\u0435\u043a\u0443\u043d\u0434\u0443.\n\u041d\u0443 \u0438 \u043a\u043e\u043d\u0435\u0447\u043d\u043e \u0436\u0435 \u0432\u0441\u0435 \u044d\u0442\u043e \u0443\u043f\u043b\u044b\u043b\u043e ))))\n\u041a\u0441\u0442\u0430\u0442\u0438 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0439 \u043e\u0442\u0447\u0435\u0442 \u0435\u0441\u0442\u044c \u0443 HAproxy, \u0442\u0438\u043f\u0430 \u043d\u0430\u0448\u0430 \u0445\u0430\u0442\u0430 \u0441 \u043a\u0440\u0430\u044e \u0438 \u0432\u043e\u043e\u0431\u0449\u0435 \u043d\u0430\u0448 \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0449\u0438\u043a \u043d\u0435 \u0414\u043e\u0421\u0438\u0442\u0441\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e.\n\nlink 1\nlink 2\nlink 3\nlink 4\nlink 5\nwhat the fuck notes \n\n#DoS #HA", "creation_timestamp": "2023-10-16T23:22:24.000000Z"}, {"uuid": "51d9cb49-1e6e-4eb7-bf15-7707e4fe583b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/murdernet/845", "content": "Planned Updates Regarding Upcoming BROWSER Method Soon To Be Added!\n\n+ Improved Detection Against Cloudflares HTTP DDOS & UAM Detection.\n+ Improved Detection Against Cloudflares JS Challenges.\n+ Improved Detection Against MyArena JS Challenges.\n+ Improved Detection Against vShield JS Challenges & Browser Checks.\n\n- Current Research - \n- HTTP/2 Rapid Reset Exploit (CVE-2023-44487)\n- 1:1 Browser Emulation Regarding a Mix Of HTTP/2 + HTTP/3 Versions\n\n- @bassings | Admin & Method Development", "creation_timestamp": "2024-01-08T02:22:06.000000Z"}, {"uuid": "e2326c9f-19b4-422e-897e-0cab74ae0fbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/6372", "content": "DDoS methods\n\n1. Find the target domain example.com\n\n2. Try ping to see the IP: ping domain.com\n\n3. Copy the IP address and search near iplocation.net\n\n4. Look at the IP location that points to the correct country or not.\n\n5. If the IP points to the right country, most likely the server is there and can continue the DoS attack with Hping3, LOIC, RUDY and others.\n\n6. If the IP points to a cloud such as google, aws, akamai or waf such as cloudflare, imperva and others, then it cannot be DDoS because it is not the correct IP.\n\n7. To get the correct IP, you can see his DNS records at intodns.com/  . Scroll to look at SOA, MX and CNAME records.\n\n8. Try searching each IP at iplocation.net to see if it points to the correct country or not.\n\n9. Then if it is correct, repeat step 5 earlier. If there is no IP that points to the correct server or country, then look for another target.\n\nGood luck.\n\nViva Operation Israel Hackers!\n\n#Oplsrael - #FreePalestine - #AntiZionism - #Fucklsrael - #Anonymous\n\nhttps://github.com/sp00fing/ddos/blob/main/Layer-7/XML-RPC-Pingback-C/xml\n\nhttps://github.com/MatrixTM/MHDDoS\n\nhttps://ufonet.03c8.net/\n\nhttps://github.com/R00tS3c/DDOS-RootSec\n\nhttps://github.com/LimerBoy/Impulse\n\nlatest 0day for Ddos \n\nCVE-2023-44487\n\nhttps://t.me/GrayHatsHack", "creation_timestamp": "2024-05-30T09:10:39.000000Z"}, {"uuid": "51a3ed8c-0514-4a7d-bb76-54c6a9e1c0d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/5856", "content": "\u041f\u043e\u0434 \u043a\u043e\u043d\u0435\u0446 \u043d\u0435\u0434\u0435\u043b\u0438 \u043f\u043e\u0434\u043e\u0441\u043f\u0435\u043b\u0438 PoC \u0434\u043b\u044f \u0440\u0430\u0437\u043d\u043e\u0433\u043e \u0440\u043e\u0434\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438 \u0442\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435\u043f\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0431\u0443\u0434\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u041e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e \u043a\u0438\u0431\u0435\u0440\u043f\u043e\u0434\u043f\u043e\u043b\u044c\u0435 \u0437\u0430\u0438\u043d\u0442\u0435\u0440\u0435\u0441\u0443\u0435\u0442 PoC \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 Veeam Recovery Orchestrator \u0432\u0435\u0440\u0441\u0438\u0439 7.0.0.337 \u0438 7.1.0.205 \u0438 \u0441\u0442\u0430\u0440\u0448\u0435,\u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a CVE-2024-29855 \u0441 \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u043e\u043c 9.0 \u043f\u043e CVSS v3.1.\n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0431\u0435\u0437 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0432\u043e\u0439\u0442\u0438 \u0432 \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 VRO \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\u00a0\n\n\u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u00a0\u0421\u0438\u043d\u0430 \u0425\u0435\u0439\u0440\u043a\u0445\u0430\u0445, \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u0432 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 \u043f\u043e \u044d\u0442\u043e\u043c\u0443 \u043f\u043e\u0432\u043e\u0434\u0443 \u0443 \u0441\u0435\u0431\u044f \u043d\u0430 \u0441\u0430\u0439\u0442\u0435.\n\n\u0410 \u0432\u043e\u0442 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0430\u044f Qrator Labs \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0434\u0435\u043b\u044f\u0442\u0441\u044f \u043a\u043e\u0434\u043e\u043c PoC \u0434\u043b\u044f DDoS-\u0430\u0442\u0430\u043a\u0438 HTTP/2 Rapid Reset (CVE-2023-44487).\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c CertiK SkyFall \u0412\u0430\u043d \u0422\u0438\u043b\u0435\u0439 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b PoC \u0434\u043b\u044f CVE-2024-27801, \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 NSXPC \u0432 macOS \u0438 iOS \u043e\u0442 Apple.\n\n\u041e\u043d\u0430 \u043e\u0448\u0438\u0431\u043a\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 \u0441 \u043c\u043e\u043c\u0435\u043d\u0442\u0430 \u0438\u0445 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u0434\u0435\u0441\u044f\u0442\u044c \u043b\u0435\u0442 \u043d\u0430\u0437\u0430\u0434. Apple \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043c\u0430\u0435.\n\nHorizon3 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0438 PoC \u0434\u043b\u044f CVE-2024-29824, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f SQL \u0432 Ivanti EPM.\n\n\u041f\u043e\u043a\u0430 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u043d\u0430\u043f\u0430\u0434\u0435\u043d\u0438\u0439\u00a0\u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u043f\u043e\u043a\u0430 \u043d\u0435 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u043e\u0441\u044c, \u043d\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u043a\u0430.\n\n\u0412\u044b\u0448\u043b\u043e \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0438 PoC \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0443\u0442\u0438 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 (CVE-2024\u20134956) \u0432 Sonatype Nexus. \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043c\u0430\u0435.", "creation_timestamp": "2024-06-14T14:23:44.000000Z"}, {"uuid": "6fdfc40f-7eb0-4a0d-bf4f-5c8419ccdd23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/true_secator/6092", "content": "\u0412\u0435\u0434\u0443\u0449\u0438\u0435 \u0432\u0435\u043d\u0434\u043e\u0440\u044b ICS Siemens, Schneider Electric, Rockwell Automation \u0438 Aveva \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u0441\u0432\u043e\u0438 \u0435\u0436\u0435\u043c\u0435\u0441\u044f\u0447\u043d\u044b\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f ICS.\n\nSiemens\u00a0\u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 9 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439, \u043e\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u044e\u0449\u0438\u0445 \u043e\u043a\u043e\u043b\u043e 50 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u041f\u0440\u0438\u0447\u0435\u043c \u043e\u043a\u043e\u043b\u043e 30 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u0432 SINEC Network Management System (NMS), \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0442\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0438 \u0432\u044b\u0441\u043e\u043a\u0443\u044e \u043e\u0446\u0435\u043d\u043a\u0443 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438.\n\n\u0411\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b, \u0432 \u0438\u0445 \u0441\u043f\u0438\u0441\u043e\u043a \u0442\u0430\u043a\u0436\u0435 \u0432\u0445\u043e\u0434\u0438\u0442 CVE-2023-44487, \u043a\u043e\u0442\u043e\u0440\u0430\u044f\u00a0\u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0434\u043b\u044f \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u044b\u0445 DDoS-\u0430\u0442\u0430\u043a HTTP/2 Rapid Reset.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, Siemens \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u044b\u0441\u043e\u043a\u043e\u0433\u043e \u0443\u0440\u043e\u0432\u043d\u044f \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a RCE, DoS \u0438\u043b\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Intralog WMS, Teamcenter Visualization, JT2Go, NX, Scalance M-800, Sinec Traffic Analyzer \u0438 Comos.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u0437\u0430\u0449\u0438\u0442\u043e\u0439 \u043f\u0430\u0440\u043e\u043b\u0435\u043c \u0432 Location Intelligence \u0438 Logo.\n\nSchneider Electric\u00a0\u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u0434\u0432\u0430 \u043d\u043e\u0432\u044b\u0445 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044f, \u043e\u0434\u0438\u043d \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0438\u043d\u0444\u043e\u0440\u043c\u0438\u0440\u0443\u0435\u0442 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 EcoStruxure Machine SCADA Expert \u0438 Blue Open Studio, \u0432\u043e\u0437\u043d\u0438\u043a\u0448\u0435\u0439 \u0438\u0437-\u0437\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Aveva, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u043b\u0438 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a EoP.\n\n\u0412\u043e \u0432\u0442\u043e\u0440\u043e\u043c \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435 Schneider \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u0432\u043b\u0438\u044f\u044e\u0449\u0443\u044e \u043d\u0430 \u041f\u041e Accutech Manager, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u043e\u0435 \u0434\u043b\u044f \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0438 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u0431\u0435\u0441\u043f\u0440\u043e\u0432\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u0442\u0447\u0438\u043a\u043e\u0432 Accutech. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u041f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u041f\u041e\u00a0Aveva\u00a0\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u043e \u0442\u0440\u0435\u0445 \u043d\u043e\u0432\u044b\u0445 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f\u0445 - \u0432\u0441\u0435 \u0441 \u0432\u044b\u0441\u043e\u043a\u0438\u043c \u0443\u0440\u043e\u0432\u043d\u0435\u043c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c DoS \u0432 SuiteLink Server, \u043e\u0448\u0438\u0431\u043a\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0438 \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u044f\u0446\u0438\u0438 \u0441 \u0444\u0430\u0439\u043b\u0430\u043c\u0438 \u0432 Aveva Reports for Operations, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u0448\u0438\u0431\u043a\u0443 SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0432 Historian Server.\n\nRockwell Automation\u00a0\u0437\u0430\u044f\u0432\u0438\u043b\u0430 \u043e \u0434\u0435\u0432\u044f\u0442\u0438 \u043d\u043e\u0432\u044b\u0445 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u0445 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 10 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0441\u043e \u0441\u0440\u0435\u0434\u043d\u0438\u043c \u0438 \u0432\u044b\u0441\u043e\u043a\u0438\u043c \u0443\u0440\u043e\u0432\u043d\u044f\u043c\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438.\u00a0\n\n\u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445 \u043e\u0448\u0438\u0431\u043a\u0438 RCE \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 AADvance \u0438 FactoryTalk, \u0430 \u0442\u0430\u043a\u0436\u0435 DoS - \u0432 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430\u0445 CompactLogix, GuardLogix, ControlLogix \u0438 Micro.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u044d\u0442\u043e\u0433\u043e Rockwell \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043e\u0448\u0438\u0431\u043a\u0443 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 DataMosaix, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0430 DLL \u0432 Emulate3D \u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0441 \u043d\u0435\u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0432 Pavilion8.", "creation_timestamp": "2024-08-14T16:00:07.000000Z"}, {"uuid": "de375d5a-4115-4b9e-af13-0dbb458dc61e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/true_secator/5396", "content": "Fortinet \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u043d\u043e\u0432\u043e\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 FortiOS SSL VPN, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\nCVE-2024-21762 (FG-IR-24-015) \u0438\u043c\u0435\u0435\u0442 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 CVSS 9,6 \u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u043f\u0438\u0441\u0438 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 \u0433\u0440\u0430\u043d\u0438\u0446 \u0432 FortiOS.\n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0438\u043b\u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u0443 \u0447\u0435\u0440\u0435\u0437 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u044b.\n\n\u0414\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0448\u0438\u0431\u043a\u0438, Fortinet \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e \u043e\u0434\u043d\u043e\u0439 \u0438\u0437 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439, \u0430 \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0435\u0441\u043b\u0438 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u0435 \u0443\u0434\u0430\u0435\u0442\u0441\u044f - \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u043c\u043e\u0436\u043d\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c, \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0432 SSL VPN \u043d\u0430 \u0441\u0432\u043e\u0438\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0441 FortiOS.\n\n\u0427\u0442\u043e \u0436\u0435 \u043a\u0430\u0441\u0430\u0435\u0442\u0441\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435, Fortinet \u043d\u0435 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439, \u0440\u0430\u0432\u043d\u043e \u0438 \u0442\u043e\u043c, \u043a\u0442\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c.\n\n\u0418\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043b\u0438\u0448\u044c \u0442\u043e, \u0447\u0442\u043e \u043e\u0434\u043d\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043d\u0430\u0440\u044f\u0434\u0443 \u0441 \u043d\u0435\u0439 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0440\u0430\u0441\u043a\u0440\u044b\u043b \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0438 \u043f\u043e \u0434\u0440\u0443\u0433\u0438\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u043c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c, \u0441\u0440\u0435\u0434\u0438 \u043a\u043e\u0442\u043e\u0440\u044b\u0445: CVE-2024-23113 (\u0440\u0435\u0439\u0442\u0438\u043d\u0433 9,8), CVE-2023-44487 \u0438 CVE-2023-47537 (\u043e\u0431\u0435 \u0441\u043e \u0441\u0440\u0435\u0434\u043d\u0438\u043c \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u043e\u043c). \u041e\u0434\u043d\u0430\u043a\u043e \u0438\u0445 \u043d\u0435 \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438 \u043a\u0430\u043a \u0440\u0435\u0430\u043b\u044c\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0435.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u0432 \u0432\u0438\u0434\u0443 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0438 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f CVE-2024-21762 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445, \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430.", "creation_timestamp": "2024-02-09T11:20:05.000000Z"}, {"uuid": "9ef14cdb-b0a7-4a9f-9446-4703eb2e4a9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/true_secator/4954", "content": "\u041d\u043e\u0432\u044b\u0439 \u043c\u0435\u0442\u043e\u0434 DDoS-\u0430\u0442\u0430\u043a\u0438 HTTP/2 Rapid Reset \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a 0-day \u0438 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u0435\u0432\u0437\u043e\u0448\u0435\u043b \u0432\u0441\u0435 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0440\u0435\u043a\u043e\u0440\u0434\u043d\u044b\u0435 \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0438 DDoS. \n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0442\u0440\u0435\u0432\u043e\u0433\u0443 \u0431\u044c\u044e\u0442 \u0442\u0430\u043a\u0438\u0435 \u043c\u0430\u0441\u0442\u043e\u0434\u043e\u043d\u0442\u044b, \u043a\u0430\u043a Amazon Web Services, Cloudflare \u0438 Google, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0436\u0435 \u0441\u0442\u043e\u043b\u043a\u043d\u0443\u043b\u0438\u0441\u044c \u0438 \u0431\u044b\u043b\u0438 \u0432\u044b\u043d\u0443\u0436\u0434\u0435\u043d\u044b \u043e\u0442\u0440\u0430\u0436\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0441\u0432\u043e\u0435\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435, \u0434\u043e\u0441\u0442\u0438\u0433\u0430\u044e\u0449\u0438\u0435 155, 201 \u0438 \u0440\u0435\u043a\u043e\u0440\u0434\u043d\u044b\u0435 398 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0432 \u0441\u0435\u043a\u0443\u043d\u0434\u0443 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e.\n\n\u0410\u0442\u0430\u043a\u0430 \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 HTTP/2 (CVE-2023-44487), \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u0435\u0439 \u043e\u0442\u043c\u0435\u043d\u044b \u043f\u043e\u0442\u043e\u043a\u0430, \u043d\u0435\u043f\u0440\u0435\u0440\u044b\u0432\u043d\u043e \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u0438 \u043e\u0442\u043c\u0435\u043d\u044f\u044f \u0437\u0430\u043f\u0440\u043e\u0441\u044b, \u0447\u0442\u043e \u043f\u0435\u0440\u0435\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 \u0438\u043b\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u0438 \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u0442 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 DoS.\n\nGoogle \u0441\u043c\u043e\u0433 \u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c\u0441\u044f \u0441 \u0430\u0442\u0430\u043a\u0430\u043c\u0438, \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e \u043a\u0430\u043a \u0434\u043e\u0431\u0430\u0432\u0438\u043b \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u043c\u043e\u0449\u043d\u043e\u0441\u0442\u044c \u043d\u0430 \u043f\u0435\u0440\u0438\u0444\u0435\u0440\u0438\u0438 \u0441\u0432\u043e\u0435\u0439 \u0441\u0435\u0442\u0438.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0449\u0438\u043a\u0438 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 HTTP/2 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0434\u043b\u044f \u0434\u043b\u0438\u043d\u043d\u044b\u0445 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0435\u0439 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.\n\nCloudflare, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043c\u044f\u0433\u0447\u0438\u043b \u0430\u0442\u0430\u043a\u0443 \u0432 \u0442\u0440\u0438 \u0440\u0430\u0437\u0430 \u0431\u043e\u043b\u044c\u0448\u0435 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0433\u043e \u0441\u0432\u043e\u0435\u0433\u043e \u0430\u043d\u0442\u0438\u0440\u0435\u043a\u043e\u0440\u0434\u0430, \u043e\u0436\u0438\u0434\u0430\u0435\u0442, \u0447\u0442\u043e HTTP/2 Rapid Reset \u0431\u0443\u0434\u0443\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u0440\u0430\u0441\u0442\u0438 \u0438 \u0443\u0441\u0438\u043b\u0438\u0432\u0430\u0442\u044c\u0441\u044f, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0435\u043f\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043e\u0441\u0432\u043e\u044f\u0442 \u043d\u043e\u0432\u044b\u0439 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c \u0438 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e \u043d\u0430\u0440\u0430\u0441\u0442\u044f\u0442 \u0441\u0432\u043e\u0438 \u0431\u043e\u0442\u043d\u0435\u0442\u044b.\n\nCloudflare \u0443\u0436\u0435 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b \u043a\u043e\u043b\u043e\u0441\u0441\u0430\u043b\u044c\u043d\u044b\u0439 \u0440\u043e\u0441\u0442 \u043e\u0431\u0440\u0430\u0449\u0435\u043d\u0438\u0439 \u0441\u0440\u0435\u0434\u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0438 \u0435\u0441\u043b\u0438 \u0432\u044b \u0443\u0432\u0438\u0434\u0435\u043b\u0438 \u043e\u0448\u0438\u0431\u043a\u0443 502 \u0432\u043c\u0435\u0441\u0442\u043e \u0436\u0435\u043b\u0430\u0435\u043c\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0435\u043d\u0442\u0430 \u0441\u0430\u0439\u0442\u0430, \u0442\u043e \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e \u044d\u0442\u043e \u0434\u0435\u043b\u043e \u0440\u0443\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432.", "creation_timestamp": "2023-10-11T19:34:48.000000Z"}, {"uuid": "e937c061-5be8-402e-8dc6-a5995fc9823e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44483", "type": "seen", "source": "https://t.me/ctinow/182485", "content": "https://ift.tt/NzT35pu\nCVE-2023-44483 | Oracle PeopleSoft Enterprise PeopleTools 8.59/8.60/8.61 Security information disclosure", "creation_timestamp": "2024-02-10T09:07:10.000000Z"}, {"uuid": "1c61484b-ca08-4c75-865e-9ac8e5bd6edb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/true_secator/4951", "content": "\u041f\u043e\u0434\u043a\u0430\u0442\u0438\u043b Microsoft October 2023 Patch Tuesday, \u0430 \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 \u043d\u0438\u043c \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f 104 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0442\u0440\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0435 0-day.\n\n\u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445 \u0437\u0430\u043a\u0440\u044b\u0442\u043e 26 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 3 - \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 45 - RCE (\u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0442\u043e\u043b\u044c\u043a\u043e 12 \u043e\u0442\u043c\u0435\u0447\u0435\u043d\u044b \u043a\u0430\u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435), 12 - \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 17 - DoS \u0438 1 - \u0441\u043f\u0443\u0444\u0438\u043d\u0433\u043e\u043c.\n\n\u041f\u043e\u043c\u0438\u043c\u043e 104, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u043e\u0434\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Chromium, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2023-5346, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 3 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u0438 \u043f\u0435\u0440\u0435\u043d\u0435\u0441\u0435\u043d\u0430 \u043d\u0430 Microsoft Edge.\n\n\u0418\u0437 \u0442\u0440\u0435\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u043d\u0435\u0440\u0430\u0441\u043a\u0440\u044b\u0442\u043e\u0439 \u043e\u0441\u0442\u0430\u043b\u0430\u0441\u044c \u043b\u0438\u0448\u044c \u043e\u0434\u043d\u0430.\n\n\u041f\u0435\u0440\u0432\u0430\u044f 0-day, CVE-2023-41763, - \u044d\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Skype \u0434\u043b\u044f \u0431\u0438\u0437\u043d\u0435\u0441\u0430, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0439\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u043d\u043e \u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u0432\u043d\u0435\u0441\u0442\u0438 \u0432 \u043d\u0435\u0435 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f.\n\n\u0411\u0430\u0433\u0443 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0424\u043b\u043e\u0440\u0438\u0430\u043d \u0425\u0430\u0443\u0437\u0435\u0440, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442, \u0447\u0442\u043e \u044d\u0442\u043e \u0442\u0430\u00a0\u0436\u0435 \u0441\u0430\u043c\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0440\u0430\u043d\u0435\u0435 \u0432 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435 2022 \u0433\u043e\u0434\u0430 \u043e\u043d \u0443\u0436\u0435 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u044f\u043b Microsoft, \u0442\u043e\u0433\u0434\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043e\u0442\u043a\u0430\u0437\u0430\u043b\u0430\u0441\u044c \u0435\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c. \u0420\u0435\u0441\u0435\u0440\u0447\u0435\u0440 \u0441\u0447\u0438\u0442\u0430\u0435\u0442 \u0442\u0430\u043a\u0436\u0435, \u0447\u0442\u043e \u0435\u0435 \u043c\u043e\u0434\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u044f \u0432 \u043f\u0435\u0440\u0438\u043c\u0435\u0442\u0440.\n\n\u0414\u0440\u0443\u0433\u0430\u044f CVE-2023-36563\u00a0\u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Microsoft WordPad \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438. \u0415\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 NTLM-\u0445\u044d\u0448\u0435\u0439 \u043f\u0440\u0438 \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u0438 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430 \u0432 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0438.\n\n\u0427\u0442\u043e\u0431\u044b \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0432\u043e\u0439\u0442\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443, \u0437\u0430\u0442\u0435\u043c \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0435 \u041f\u041e, \u0447\u0442\u043e \u0438 \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044e \u043d\u0430\u0434 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439. \u041f\u043e\u043c\u0438\u043c\u043e \u044d\u0442\u043e\u0433\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0443\u0431\u0435\u0434\u0438\u0442\u044c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 Microsoft Threat Intelligence \u0438, \u043f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0442\u0432\u0435\u0442\u0432\u043b\u0435\u043d\u0438\u0435\u043c CVE-2023-36761, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435.\n\n\u0418 \u043d\u0430\u043a\u043e\u043d\u0435\u0446, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u043d\u043e\u0432\u043e\u0439 \u0442\u0435\u0445\u043d\u0438\u043a\u0438 DDoS-\u0430\u0442\u0430\u043a\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c CVE-2023-44487 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c HTTP/2 Rapid Reset, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0441 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 \u0438 \u0431\u044c\u0435\u0442 \u0432\u0441\u0435 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0440\u0435\u043a\u043e\u0440\u0434\u044b \u043f\u043e DDoS.\n\n\u0410\u0442\u0430\u043a\u0430 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u044e \u043e\u0442\u043c\u0435\u043d\u044b \u043f\u043e\u0442\u043e\u043a\u0430 HTTP/2 \u0438 \u043d\u0435 \u0438\u043c\u0435\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u0431\u044b\u043b\u043e \u0431\u044b \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c, \u043a\u0440\u043e\u043c\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0441\u043a\u043e\u0440\u043e\u0441\u0442\u0438 \u0438\u043b\u0438 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430. Microsoft \u0432\u044b\u0431\u0440\u0430\u043d \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u0432\u0430\u0440\u0438\u0430\u043d\u0442.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0431\u044b\u043b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0441\u043a\u043e\u043e\u0440\u0434\u0438\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b Cloudflare, Amazon \u0438 Google. \u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0442\u0441\u044f.\n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0445 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 Microsoft October 2023 Patch Tuesday, \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d\u00a0\u0437\u0434\u0435\u0441\u044c.", "creation_timestamp": "2023-10-11T13:47:32.000000Z"}, {"uuid": "e56efba5-ad4a-4fcb-954e-de297a9b92ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/cibsecurity/72761", "content": "\u203c CVE-2023-45802 \u203c\n\nWhen a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that.This was found by the reporter during testing of\u00c2\u00a0CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During \"normal\" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out.Users are recommended to upgrade to version 2.4.58, which fixes the issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-23T12:37:26.000000Z"}, {"uuid": "4ceebc03-e3de-413d-bc83-ce2469fdb92d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/182507", "content": "https://ift.tt/nThfJup\nCVE-2023-44487 | Oracle Agile PLM 9.3.6 Security denial of service", "creation_timestamp": "2024-02-10T10:11:50.000000Z"}, {"uuid": "9d25ac88-488a-4903-9f5e-c6848f99ffed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/182482", "content": "https://ift.tt/qvKHu9Q\nCVE-2023-44487 | Oracle PeopleSoft Enterprise PeopleTools 8.59/8.60/8.61 Open Search/Elastic Search denial of service", "creation_timestamp": "2024-02-10T09:07:07.000000Z"}, {"uuid": "4691519f-64e8-469b-8c5f-a2b0572b13b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/182505", "content": "https://ift.tt/5BxFi3z\nCVE-2023-44487 | Oracle Siebel CRM Prior to 23.12 EAI /UI denial of service", "creation_timestamp": "2024-02-10T10:11:47.000000Z"}, {"uuid": "0d94470c-d78f-4996-a0c2-61639bd5021d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/182500", "content": "https://ift.tt/KnMuxdG\nCVE-2023-44487 | Oracle Retail EFTLink 20.0.1/21.0.0/23.0.0 Install denial of service", "creation_timestamp": "2024-02-10T09:41:19.000000Z"}, {"uuid": "e71e50f1-c7fe-47fe-a403-09b3183b4eee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/181027", "content": "https://ift.tt/42PWznR\nCVE-2023-44487 | Oracle Communications Network Analytics Data Director 23.2.0.0.2/23.3.0.0.0 Third Party denial of service", "creation_timestamp": "2024-02-07T23:16:39.000000Z"}, {"uuid": "0acdbbb1-21a5-441c-b420-63811b96bdaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/181012", "content": "https://ift.tt/hbV45Sv\nCVE-2023-44487 | Oracle Communications Network Analytics Data Director 23.2.0.0.2/23.3.0.0.0 Install/Upgrade denial of service", "creation_timestamp": "2024-02-07T22:46:58.000000Z"}, {"uuid": "3a4920d6-9e9a-46b3-ba84-5c17e55f64fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180866", "content": "https://ift.tt/FL3ZnTh\nCVE-2023-44487 | Oracle Communications Cloud Native Core Network Repository Function Install/Upgrade denial of service", "creation_timestamp": "2024-02-07T18:12:07.000000Z"}, {"uuid": "059727ac-4173-49d5-9b9a-3fe78a30f632", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180592", "content": "https://ift.tt/o7dctMn\nCVE-2023-44487 | Oracle Communications Messaging Server 8.1.0.24.0 Security denial of service", "creation_timestamp": "2024-02-07T09:37:02.000000Z"}, {"uuid": "524fd3eb-62d5-4bf6-ac38-dc6321c02a63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44483", "type": "seen", "source": "https://t.me/ctinow/181071", "content": "https://ift.tt/0apZE8e\nCVE-2023-44483 | Oracle Communications Cloud Native Core Console 23.3.1 Configuration information disclosure", "creation_timestamp": "2024-02-08T01:26:06.000000Z"}, {"uuid": "20e62728-d8f9-4410-bafd-319aea961435", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180590", "content": "https://ift.tt/flMyRzj\nCVE-2023-44487 | Oracle Communications Convergent Charging Controller 12.0.6.0.0/15.0.0.0.0 Common Functions denial of service", "creation_timestamp": "2024-02-07T09:37:00.000000Z"}, {"uuid": "9953c906-f4aa-4d8c-a58d-dd971284f923", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180611", "content": "https://ift.tt/6JX7Upk\nCVE-2023-44487 | Oracle Communications Service Catalog and Design 7.4.0.7.0/7.4.1.5.0/7.4.2.8.0 PSR Designer denial of service", "creation_timestamp": "2024-02-07T10:36:05.000000Z"}, {"uuid": "0356f86f-8337-4d39-b26f-6b662d16c6ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180905", "content": "https://ift.tt/Op3gNPZ\nCVE-2023-44487 | Oracle Communications Cloud Native Core Network Slice Selection Function Install/Upgrade denial of service", "creation_timestamp": "2024-02-07T19:16:39.000000Z"}, {"uuid": "03708f38-35fc-4a71-9c5c-f0936908d456", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180996", "content": "https://ift.tt/0d8Fi2J\nCVE-2023-44487 | Oracle Communications Network Analytics Data Director 23.2.0.0.2/23.3.0.0.0 General denial of service", "creation_timestamp": "2024-02-07T22:22:03.000000Z"}, {"uuid": "b95411a6-3891-48a7-8e8b-8de19642d3b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180950", "content": "https://ift.tt/e7KtSY3\nCVE-2023-44487 | Oracle Communications Cloud Native Core Unified Data Repository Signaling denial of service", "creation_timestamp": "2024-02-07T20:46:46.000000Z"}, {"uuid": "e37a6013-f575-4520-9853-7d1a5e36428c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180949", "content": "https://ift.tt/GMYTdj1\nCVE-2023-44487 | Oracle Communications Cloud Native Core Unified Data Repository Signaling denial of service", "creation_timestamp": "2024-02-07T20:46:45.000000Z"}, {"uuid": "2402ce1f-2f42-4805-89fa-123cf6bd5729", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180937", "content": "https://ift.tt/kybjTBe\nCVE-2023-44487 | Oracle Communications Cloud Native Core Unified Data Repository Signaling denial of service", "creation_timestamp": "2024-02-07T20:16:20.000000Z"}, {"uuid": "ce09d0ab-53ce-42af-b40f-6f0ced18525a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180928", "content": "https://ift.tt/ln0UfXB\nCVE-2023-44487 | Oracle Communications Cloud Native Core Security Edge Protection Proxy Signaling denial of service", "creation_timestamp": "2024-02-07T19:46:29.000000Z"}, {"uuid": "1086b715-9ee2-4673-a47e-b3e4b68eb982", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180904", "content": "https://ift.tt/bx67J2v\nCVE-2023-44487 | Oracle Communications Cloud Native Core Network Slice Selection Function Install/Upgrade denial of service", "creation_timestamp": "2024-02-07T19:16:38.000000Z"}, {"uuid": "a4b8c242-eecd-44c1-81e2-af768a05d612", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180900", "content": "https://ift.tt/oDOMV6b\nCVE-2023-44487 | Oracle Communications Cloud Native Core Network Repository Function Install/Upgrade denial of service", "creation_timestamp": "2024-02-07T18:46:58.000000Z"}, {"uuid": "8efc2d00-e78a-4fec-821b-b13f2569efec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180612", "content": "https://ift.tt/3yP4TG5\nCVE-2023-44487 | Oracle Communications Service Catalog and Design 7.4.0.7.0/7.4.1.5.0/7.4.2.8.0 PSR Designer denial of service", "creation_timestamp": "2024-02-07T10:36:06.000000Z"}, {"uuid": "fefbd1c1-a3e4-42c1-a46b-fb0d2673b345", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44483", "type": "seen", "source": "https://t.me/ctinow/180677", "content": "https://ift.tt/mxNW3hS\nCVE-2023-44483 | Oracle Communications Service Catalog and Design 7.4.2.8.0 PSR Designer information disclosure", "creation_timestamp": "2024-02-07T12:41:09.000000Z"}, {"uuid": "4d66f369-4781-4bff-9ac6-fa88f85976f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180601", "content": "https://ift.tt/3gCWPS4\nCVE-2023-44487 | Oracle Communications Network Charging and Control 12.0.6.0.0/15.0.0.0.0 Common Functions denial of service", "creation_timestamp": "2024-02-07T10:06:44.000000Z"}, {"uuid": "6b1865be-58ad-4dc6-8c2b-5ba098cffe19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180604", "content": "https://ift.tt/qSTR35Y\nCVE-2023-44487 | Oracle Communications Pricing Design Center up to 12.0.0.8.0/15.0.0.0.0 REST Services Manager denial of service", "creation_timestamp": "2024-02-07T10:06:47.000000Z"}, {"uuid": "d8eaafc5-3608-4dd7-8da6-57e3c6429444", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180421", "content": "https://ift.tt/T6YSsq3\nCVE-2023-44487 | Oracle Commerce Guided Search 11.3.2 Workbench denial of service", "creation_timestamp": "2024-02-06T23:51:55.000000Z"}, {"uuid": "d77a216a-a405-4695-9094-9d8644db8239", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44483", "type": "seen", "source": "https://t.me/ctinow/181587", "content": "https://ift.tt/xAlHDsw\nCVE-2023-44483 | Oracle Financial Services Behavior Detection Platform 8.0.8.1/8.1.1.1/8.1.2.5/8.1.2.6 Application information disclosure", "creation_timestamp": "2024-02-08T19:41:47.000000Z"}, {"uuid": "717248da-71af-4350-a28a-68cae74043f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44483", "type": "seen", "source": "https://t.me/ctinow/181899", "content": "https://ift.tt/C5m9QOH\nCVE-2023-44483 | Oracle WebCenter Portal 12.2.1.4.0 Discussion Forums information disclosure", "creation_timestamp": "2024-02-09T09:16:21.000000Z"}, {"uuid": "dad6ed4e-baa8-4d68-9bf7-bff5939b07a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44483", "type": "seen", "source": "https://t.me/ctinow/181914", "content": "https://ift.tt/dz8sbhm\nCVE-2023-44483 | Oracle WebLogic Server 12.2.1.4.0/14.1.1.0.0 Centralized Thirdparty Jars information disclosure", "creation_timestamp": "2024-02-09T09:56:13.000000Z"}, {"uuid": "3d080066-833c-4290-91ee-2cf043caa104", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/181856", "content": "https://ift.tt/zgbHkZO\nCVE-2023-44487 | Oracle Managed File Transfer 12.2.1.4.0 Runtime Server denial of service", "creation_timestamp": "2024-02-09T08:21:44.000000Z"}, {"uuid": "191c7388-5fef-4c90-916f-83877faa0547", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/181854", "content": "https://ift.tt/3VJD2Rl\nCVE-2023-44487 | Oracle Coherence 12.2.1.4.0/14.1.1.0.0 Third Party denial of service", "creation_timestamp": "2024-02-09T08:21:42.000000Z"}, {"uuid": "35de5fac-4287-42fd-bab7-bad4134147be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44483", "type": "seen", "source": "https://t.me/ctinow/181606", "content": "https://ift.tt/T4OaryG\nCVE-2023-44483 | Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition Platform information disclosure", "creation_timestamp": "2024-02-08T20:11:15.000000Z"}, {"uuid": "c0a40d32-aad2-4ce2-b08b-2e4515ab3b81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44483", "type": "seen", "source": "https://t.me/ctinow/181552", "content": "https://ift.tt/MAiGzFg\nCVE-2023-44483 | Oracle Financial Services Analytical Applications Infrastructure information disclosure", "creation_timestamp": "2024-02-08T19:12:05.000000Z"}, {"uuid": "3e8f7958-dd34-4307-a45a-8ff0fdb9b9e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/cibsecurity/71988", "content": "\ud83d\udd74 Internet-Wide Zero-Day Bug Fuels Largest-Ever DDoS Event \ud83d\udd74\n\nOngoing Rapid Reset DDoS flood attacks exposed organizations need to patch CVE-2023-44487 immediately to head off crippling outages and business disruption.\n\n\ud83d\udcd6 Read\n\nvia \"Dark Reading\".", "creation_timestamp": "2023-10-10T21:52:06.000000Z"}, {"uuid": "782868d8-14d1-4477-835b-2bab3d875559", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/182067", "content": "https://ift.tt/gRroveA\nCVE-2023-44487 | Oracle GraalVM for JDK Oracle GraalVM for JDK 21.0.1 Node denial of service", "creation_timestamp": "2024-02-09T15:26:56.000000Z"}, {"uuid": "9efc99d2-72b3-45d3-beda-36d735f82759", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44481", "type": "seen", "source": "https://t.me/ctinow/160681", "content": "https://ift.tt/vsViPeY\nCVE-2023-44481 Exploit", "creation_timestamp": "2023-12-29T21:17:11.000000Z"}, {"uuid": "5d333a4c-0f21-436c-b511-d74d59980251", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/181836", "content": "https://ift.tt/9T8OmJH\nCVE-2023-44487 | Oracle Coherence 12.2.1.4.0/14.1.1.0.0 Third Party denial of service", "creation_timestamp": "2024-02-09T07:51:31.000000Z"}, {"uuid": "c255ce4f-f788-4a5f-9b86-7981286443da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44482", "type": "seen", "source": "https://t.me/ctinow/160657", "content": "https://ift.tt/OedK3Jk\nCVE-2023-44482 Exploit", "creation_timestamp": "2023-12-29T19:16:51.000000Z"}, {"uuid": "5d6fd16a-845a-4360-b427-01ffa086d24b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/HackerOne/3592", "content": "HTTP/2 Rapid Reset Attack ( cve-2023-44487 )\n\nConcept of the attack in code:\nHttps://github.com/nxenon/cve-2023-44487\n\n\n#dos #ddos #http2 #cve_2023_44487", "creation_timestamp": "2023-11-11T19:33:13.000000Z"}, {"uuid": "56cd50a8-7d8d-4218-90c0-10088707f443", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44482", "type": "seen", "source": "https://t.me/ctinow/157933", "content": "https://ift.tt/ExyiUv8\nCVE-2023-44482", "creation_timestamp": "2023-12-21T20:22:28.000000Z"}, {"uuid": "22d39dcb-f850-496c-8bd6-94cd90fdc511", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44481", "type": "seen", "source": "https://t.me/ctinow/157932", "content": "https://ift.tt/cE3vli8\nCVE-2023-44481", "creation_timestamp": "2023-12-21T20:22:27.000000Z"}, {"uuid": "b06c5733-e49c-4027-9ff2-22b5e32bbb4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/cibsecurity/71948", "content": "\u203c CVE-2023-44487 \u203c\n\nThe HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-10T18:16:48.000000Z"}, {"uuid": "974b2a25-a356-486d-b49f-fabc5cff4fe0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/thehackernews/3990", "content": "\u26a1 Beware of the HTTP/2 Rapid Reset attack! \n \nA novel zero-day flaw is being exploited to launch record-breaking distributed DDoS attacks. \n \nFind out more here: https://thehackernews.com/2023/10/http2-rapid-reset-zero-day.html \n \nLearn how AWS, Cloudflare, and Google are addressing CVE-2023-44487.", "creation_timestamp": "2023-10-10T17:26:45.000000Z"}, {"uuid": "2c274e6b-7706-43b2-9bc1-04fdf3857cea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/SecLabNews/14399", "content": "Rapid Reset: \u043d\u043e\u0432\u0430\u044f \u0443\u0433\u0440\u043e\u0437\u0430 \u0434\u043b\u044f HTTP/2, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043e\u0442\u043c\u0435\u043d\u0443 \u043f\u043e\u0442\u043e\u043a\u0430 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0433\u0438\u0433\u0430\u043d\u0442\u0441\u043a\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430\n\n\u2796 AWS, Cloudflare \u0438 Google \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u0438 \u0430\u0442\u0430\u043a Rapid Reset, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0434\u043e\u0441\u0442\u0438\u0433\u0430\u043b\u0438 \u0434\u043e 398 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0432 \u0441\u0435\u043a\u0443\u043d\u0434\u0443.\n\n\u2796 \u0410\u0442\u0430\u043a\u0438 Rapid Reset \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 zero-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-44487 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 HTTP/2, \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u0435\u0439 \u043e\u0442\u043c\u0435\u043d\u044b \u043f\u043e\u0442\u043e\u043a\u0430.\n\n\u2796 \u0414\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u0430\u0442\u0430\u043a Rapid Reset \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0432\u0441\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 HTTP-\u0430\u0442\u0430\u043a \u0438 \u0443\u0441\u0438\u043b\u0438\u0432\u0430\u0442\u044c \u0441\u0432\u043e\u044e \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0441\u0442\u044c \u043a DDoS \u0440\u0430\u0437\u043d\u043e\u043e\u0431\u0440\u0430\u0437\u043d\u044b\u043c\u0438 \u043c\u0435\u0442\u043e\u0434\u0430\u043c\u0438.\n\n#DDoS #HTTP2 #RapidReset @SecLabNews", "creation_timestamp": "2023-10-11T07:34:31.000000Z"}, {"uuid": "d77766d0-2882-44f0-aa85-160715c44e6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/GhostClanInt/24479", "content": "DDoS methods\n\n1. Find the target domain example.com\n\n2. Try ping to see the IP: ping domain.com\n\n3. Copy the IP address and search near iplocation.net\n\n4. Look at the IP location that points to the correct country or not.\n\n5. If the IP points to the right country, most likely the server is there and can continue the DoS attack with Hping3, LOIC, RUDY and others.\n\n6. If the IP points to a cloud such as google, aws, akamai or waf such as cloudflare, imperva and others, then it cannot be DDoS because it is not the correct IP.\n\n7. To get the correct IP, you can see his DNS records at intodns.com/  . Scroll to look at SOA, MX and CNAME records.\n\n8. Try searching each IP at iplocation.net to see if it points to the correct country or not.\n\n9. Then if it is correct, repeat step 5 earlier. If there is no IP that points to the correct server or country, then look for another target.\n\nGood luck.\n\nViva Operation Israel Hackers!\n\n#Oplsrael - #FreePalestine - #AntiZionism - #Fucklsrael - #Anonymous\n\nhttps://github.com/sp00fing/ddos/blob/main/Layer-7/XML-RPC-Pingback-C/xml\n\nhttps://github.com/MatrixTM/MHDDoS\n\nhttps://ufonet.03c8.net/\n\nhttps://github.com/R00tS3c/DDOS-RootSec\n\nhttps://github.com/LimerBoy/Impulse\n\nlatest 0day for Ddos \n\nCVE-2023-44487\n\nGHOSTS of Palestine \ud83c\uddf5\ud83c\uddf8", "creation_timestamp": "2024-02-08T13:15:25.000000Z"}, {"uuid": "884af9ce-4966-4303-ab10-e6fbcedc845f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9183", "content": "#tools\n#Blue_Team_Techniques\n1. Basic vulnerability scanning to see if web servers may be vulnerable to CVE-2023-44487\nhttps://github.com/bcdannyboy/CVE-2023-44487\n2. An Algorithm to Detect Hosting Providers/IP Ranges\nhttps://ipapi.is/blog/detecting-hosting-providers.html\n3. Tool for MSSQL relay audit and abuse\nhttps://github.com/CompassSecurity/mssqlrelay\n]-> https://blog.compass-security.com/2023/10/relaying-ntlm-to-mssql", "creation_timestamp": "2023-10-12T11:00:38.000000Z"}, {"uuid": "9487f7b1-95ff-4212-ba9a-92a3d3a598c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/S_E_Reborn/4142", "content": "\u041d\u043e\u0432\u044b\u0439 \u043c\u0435\u0442\u043e\u0434 DDoS-\u0430\u0442\u0430\u043a\u0438 HTTP/2 Rapid Reset \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a 0-day \u0438 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u0435\u0432\u0437\u043e\u0448\u0435\u043b \u0432\u0441\u0435 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0440\u0435\u043a\u043e\u0440\u0434\u043d\u044b\u0435 \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0438 DDoS. \n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0442\u0440\u0435\u0432\u043e\u0433\u0443 \u0431\u044c\u044e\u0442 \u0442\u0430\u043a\u0438\u0435 \u043c\u0430\u0441\u0442\u043e\u0434\u043e\u043d\u0442\u044b, \u043a\u0430\u043a Amazon Web Services, Cloudflare \u0438 Google, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0436\u0435 \u0441\u0442\u043e\u043b\u043a\u043d\u0443\u043b\u0438\u0441\u044c \u0438 \u0431\u044b\u043b\u0438 \u0432\u044b\u043d\u0443\u0436\u0434\u0435\u043d\u044b \u043e\u0442\u0440\u0430\u0436\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0441\u0432\u043e\u0435\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435, \u0434\u043e\u0441\u0442\u0438\u0433\u0430\u044e\u0449\u0438\u0435 155, 201 \u0438 \u0440\u0435\u043a\u043e\u0440\u0434\u043d\u044b\u0435 398 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0432 \u0441\u0435\u043a\u0443\u043d\u0434\u0443 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e.\n\n\u0410\u0442\u0430\u043a\u0430 \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 HTTP/2 (CVE-2023-44487), \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u0435\u0439 \u043e\u0442\u043c\u0435\u043d\u044b \u043f\u043e\u0442\u043e\u043a\u0430, \u043d\u0435\u043f\u0440\u0435\u0440\u044b\u0432\u043d\u043e \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u0438 \u043e\u0442\u043c\u0435\u043d\u044f\u044f \u0437\u0430\u043f\u0440\u043e\u0441\u044b, \u0447\u0442\u043e \u043f\u0435\u0440\u0435\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 \u0438\u043b\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u0438 \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u0442 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 DoS.\n\nGoogle \u0441\u043c\u043e\u0433 \u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c\u0441\u044f \u0441 \u0430\u0442\u0430\u043a\u0430\u043c\u0438, \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e \u043a\u0430\u043a \u0434\u043e\u0431\u0430\u0432\u0438\u043b \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u043c\u043e\u0449\u043d\u043e\u0441\u0442\u044c \u043d\u0430 \u043f\u0435\u0440\u0438\u0444\u0435\u0440\u0438\u0438 \u0441\u0432\u043e\u0435\u0439 \u0441\u0435\u0442\u0438.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0449\u0438\u043a\u0438 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 HTTP/2 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0434\u043b\u044f \u0434\u043b\u0438\u043d\u043d\u044b\u0445 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0435\u0439 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.\n\nCloudflare, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043c\u044f\u0433\u0447\u0438\u043b \u0430\u0442\u0430\u043a\u0443 \u0432 \u0442\u0440\u0438 \u0440\u0430\u0437\u0430 \u0431\u043e\u043b\u044c\u0448\u0435 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0433\u043e \u0441\u0432\u043e\u0435\u0433\u043e \u0430\u043d\u0442\u0438\u0440\u0435\u043a\u043e\u0440\u0434\u0430, \u043e\u0436\u0438\u0434\u0430\u0435\u0442, \u0447\u0442\u043e HTTP/2 Rapid Reset \u0431\u0443\u0434\u0443\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u0440\u0430\u0441\u0442\u0438 \u0438 \u0443\u0441\u0438\u043b\u0438\u0432\u0430\u0442\u044c\u0441\u044f, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0435\u043f\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043e\u0441\u0432\u043e\u044f\u0442 \u043d\u043e\u0432\u044b\u0439 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c \u0438 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e \u043d\u0430\u0440\u0430\u0441\u0442\u044f\u0442 \u0441\u0432\u043e\u0438 \u0431\u043e\u0442\u043d\u0435\u0442\u044b.\n\nCloudflare \u0443\u0436\u0435 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b \u043a\u043e\u043b\u043e\u0441\u0441\u0430\u043b\u044c\u043d\u044b\u0439 \u0440\u043e\u0441\u0442 \u043e\u0431\u0440\u0430\u0449\u0435\u043d\u0438\u0439 \u0441\u0440\u0435\u0434\u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0438 \u0435\u0441\u043b\u0438 \u0432\u044b \u0443\u0432\u0438\u0434\u0435\u043b\u0438 \u043e\u0448\u0438\u0431\u043a\u0443 502 \u0432\u043c\u0435\u0441\u0442\u043e \u0436\u0435\u043b\u0430\u0435\u043c\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0435\u043d\u0442\u0430 \u0441\u0430\u0439\u0442\u0430, \u0442\u043e \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e \u044d\u0442\u043e \u0434\u0435\u043b\u043e \u0440\u0443\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432.", "creation_timestamp": "2023-10-11T19:35:56.000000Z"}, {"uuid": "29f3ef6c-aa57-40d6-8a48-819efed68b4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11806", "content": "#exploit\n1. CVE-2025-0108:\nNginx/Apache Path Confusion to Auth Bypass in PAN-OS\nhttps://slcyber.io/blog/nginx-apache-path-confusion-to-auth-bypass-in-pan-os\n\n2. CVE-2024-42009:\nStored XSS in Roundcube Webmail\nhttps://github.com/0xbassiouny1337/CVE-2024-42009\n\n3. CVE-2022-41741, CVE-2022-41742, CVE-2023-44487 Check Script:\nhttps://github.com/moften/CVE-2022-4174_CVE-2022-41742", "creation_timestamp": "2025-02-13T14:50:07.000000Z"}, {"uuid": "9950f4cd-810b-4c2f-ae68-98cf72b59cf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/9181", "content": "#Threat_Research\n1. A Risk-Based Prioritization Taxonomy for prioritizing CVEs\nhttps://github.com/theparanoids/PrioritizedRiskRemediation\n2. HTTP/2 \"Rapid Reset\" DDoS attack (CVE-2023-44487)\nhttps://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack\n]-> https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487", "creation_timestamp": "2023-10-12T11:00:38.000000Z"}, {"uuid": "a04e650a-5f3a-4552-ae4a-66b17970fe9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/Rootsec_2/1333", "content": "#Threat_Research\n1. A Risk-Based Prioritization Taxonomy for prioritizing CVEs\nhttps://github.com/theparanoids/PrioritizedRiskRemediation\n2. HTTP/2 \"Rapid Reset\" DDoS attack (CVE-2023-44487)\nhttps://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack\n]-> https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487", "creation_timestamp": "2024-08-16T08:33:54.000000Z"}, {"uuid": "66c85130-39c6-4d49-ba39-ea7e3165e4be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/SaturnSpark/3441", "content": "NEWS:\n+NEW METHOD \n-RAPIDRST\nBYPASS HTTPDDOS\n_\n+exploits:\nCVE-2016-6581, \nCVE-2019-9512, CVE-2023-44487\n__\nbest regards \n@strstring", "creation_timestamp": "2024-02-26T16:31:09.000000Z"}, {"uuid": "a37763d9-18c1-4946-b075-2afab51d4d0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1335", "content": "#tools\n#Blue_Team_Techniques\n1. Basic vulnerability scanning to see if web servers may be vulnerable to CVE-2023-44487\nhttps://github.com/bcdannyboy/CVE-2023-44487\n2. An Algorithm to Detect Hosting Providers/IP Ranges\nhttps://ipapi.is/blog/detecting-hosting-providers.html\n3. Tool for MSSQL relay audit and abuse\nhttps://github.com/CompassSecurity/mssqlrelay\n]-> https://blog.compass-security.com/2023/10/relaying-ntlm-to-mssql", "creation_timestamp": "2024-08-16T08:33:54.000000Z"}, {"uuid": "89961d3b-97e7-4e45-a9cc-bd1d3149ed5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/kasraone_com/558", "content": "\u0627\u0628\u0632\u0627\u0631\u0647\u0627\u06cc \u062a\u06a9\u0646\u06cc\u06a9 \u0647\u0627\u06cc \u062a\u06cc\u0645 \u0622\u0628\u06cc \ud83d\udc99\n\nGit Hub \ud83d\udc08\n\n1. \u0627\u0633\u06a9\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0627\u0633\u0627\u0633\u06cc \u0628\u0631\u0627\u06cc \u062f\u06cc\u062f\u0646 \u0627\u06cc\u0646\u06a9\u0647 \u0622\u06cc\u0627 \u0633\u0631\u0648\u0631\u0647\u0627\u06cc \u0648\u0628 \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u062f\u0631 \u0628\u0631\u0627\u0628\u0631 CVE-2023-44487 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u0628\u0627\u0634\u0646\u062f\nhttps://github.com/bcdannyboy/CVE-2023-44487\n\n2. \u06cc\u06a9 \u0627\u0644\u06af\u0648\u0631\u06cc\u062a\u0645 \u0628\u0631\u0627\u06cc \u062a\u0634\u062e\u06cc\u0635 \u0627\u0631\u0627\u0626\u0647 \u062f\u0647\u0646\u062f\u06af\u0627\u0646 \u0645\u06cc\u0632\u0628\u0627\u0646\u06cc / \u0645\u062d\u062f\u0648\u062f\u0647 \u0647\u0627\u06cc IP\nhttps://ipapi.is/blog/detectin-hosting-providers.html\n\n3. \u0627\u0628\u0632\u0627\u0631 \u062d\u0633\u0627\u0628\u0631\u0633\u06cc \u0648 \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0631\u0644\u0647 MSSQL\n\nhttps://github.com/CompassSecurity/mssqlrelay\nhttps://blog.compass-security.com/2023/10/relaying-ntlm-to-mssql\n\n\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \u2661 \u2800\u2800 \u3007\u2800\u00a0 \u2800 \u2399\u2800\u200c \u200c \u2332\u2063 \n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \u02e1\u2071\u1d4f\u1d49\u00a0 \u1d9c\u1d52\u1d50\u1d50\u1d49\u207f\u1d57\u00a0 \u02e2\u1d43\u1d5b\u1d49\u00a0 \u02e2\u02b0\u1d43\u02b3\u1d49\n\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 K1\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 kasraone", "creation_timestamp": "2023-10-17T07:21:58.000000Z"}, {"uuid": "7d438f11-9f8a-4bdd-9bae-288741b72e3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1360", "content": "https://github.com/imabee101/CVE-2023-44487\n\nPERFORM ATTACKS AT YOUR OWN RISK, THIS IS JUST A INFORMATIONAL, I AM NOT RESPONSIBLE FOR ILLEGAL ACTIVITY", "creation_timestamp": "2024-08-16T08:33:56.000000Z"}, {"uuid": "0021d796-5f6d-4036-afaa-6f1565f865d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/bDRsekGT6KsUOKSAQI-KSXDhypQzzgL-gjqbTcCXe2h_h6A", "content": "", "creation_timestamp": "2026-05-15T21:00:05.000000Z"}]}