{"vulnerability": "cve-2023-44487", "sightings": [{"uuid": "b9b6932b-2f00-46de-b133-d4860280c0c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-10-10T21:10:02.000000Z"}, {"uuid": "ad2b8513-7e71-4783-ae24-bd3228bec1a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-08", "content": "", "creation_timestamp": "2024-11-14T12:00:00.000000Z"}, {"uuid": "cb3be289-1bd0-4733-b7e5-4b935a0610d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/", "content": "", "creation_timestamp": "2023-10-10T05:00:00.000000Z"}, {"uuid": "801cec75-acb9-4dde-bf80-c09a38e8c9ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113672096276468558", "content": "", "creation_timestamp": "2024-12-18T05:09:00.171743Z"}, {"uuid": "30b50f45-607c-4136-b45b-2a55460ecaa3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971900", "content": "", "creation_timestamp": "2024-12-24T20:35:25.203047Z"}, {"uuid": "cfe7df69-537e-4618-ac5c-4f0d97939145", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:48.000000Z"}, {"uuid": "fa2871fc-f7e0-47ce-b832-4f1691497bda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lz2qazdnvf2w", "content": "", "creation_timestamp": "2025-09-17T21:02:40.844253Z"}, {"uuid": "9a49533e-6dac-41a9-84d5-4692d090d02e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-05", "content": "", "creation_timestamp": "2025-06-12T10:00:00.000000Z"}, {"uuid": "0bccf176-3c58-4d68-b927-0a057ec21161", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-203-04", "content": "", "creation_timestamp": "2025-07-22T10:00:00.000000Z"}, {"uuid": "46dc7ec6-d481-49c1-97c7-2ca75fdcee77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://gist.github.com/lmolkova/34dc5c0b0f583ca80681af3c9334238d", "content": "", "creation_timestamp": "2025-11-03T23:34:52.000000Z"}, {"uuid": "89503514-8464-449e-994d-1e318fc16895", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http-2/", "content": "", "creation_timestamp": "2023-10-10T05:00:00.000000Z"}, {"uuid": "cb598b10-128e-4c5b-838d-660e26d57e62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://bsky.app/profile/Ubuntu.activitypub.awakari.com.ap.brid.gy/post/3m6kcqvykujh2", "content": "", "creation_timestamp": "2025-11-26T16:49:32.871533Z"}, {"uuid": "fa59a080-421b-4b4f-9511-dcdda6a1583c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3m6kcqrgukf2g", "content": "", "creation_timestamp": "2025-11-26T16:49:20.351181Z"}, {"uuid": "1627e2ff-06a1-41b3-a2a6-182caced2241", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://gist.github.com/vietj/6cb0297e7881e7ddfbf29a64848fb7c7", "content": "", "creation_timestamp": "2026-03-03T09:26:42.000000Z"}, {"uuid": "5deb8747-68b6-4ef6-92d5-fcefa42cff57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://gist.github.com/lmolkova/a8deca8726d3e185e2644f43182b54be", "content": "", "creation_timestamp": "2026-01-01T20:10:51.000000Z"}, {"uuid": "2d164614-88b7-48f8-8384-3a376a7f37ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0287/", "content": "", "creation_timestamp": "2026-03-13T00:00:00.000000Z"}, {"uuid": "6cbc5d06-ab29-4cc9-8973-b0d5bfc1bf7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "0b71ad3d-4625-4ea5-875c-8bbba9db852e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1130", "content": "", "creation_timestamp": "2023-10-11T04:00:00.000000Z"}, {"uuid": "14bb6d0c-765e-4759-ba77-3f46dd5e43ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1138", "content": "", "creation_timestamp": "2023-10-16T04:00:00.000000Z"}, {"uuid": "bdf4cdca-8368-4c7b-9fac-93aff5986921", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_8/2024", "content": "", "creation_timestamp": "2024-02-09T10:14:28.000000Z"}, {"uuid": "e338b053-3127-46c8-97ab-5f86d43f1c3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2023-44487", "type": "seen", "source": "https://gist.github.com/alon710/fd16799ed4000acf29f2381f06df6070", "content": "", "creation_timestamp": "2026-01-24T21:32:22.000000Z"}, {"uuid": "590a3ca9-726e-47e0-978f-ca645677e619", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://gist.github.com/alon710/090ce152a99e7d6c37ffe600ece932cd", "content": "", "creation_timestamp": "2026-01-24T21:32:26.000000Z"}, {"uuid": "c2bc6de0-1e64-482b-bb26-23e9014610bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/272", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-6596\n\ud83d\udd39 Description: An incomplete fix was shipped for the Rapid Reset (CVE-2023-44487/CVE-2023-39325) vulnerability for an OpenShift Containers.\n\ud83d\udccf Published: 2024-04-25T16:00:24.215Z\n\ud83d\udccf Modified: 2025-01-06T22:01:20.326Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2024:0485\n2. https://access.redhat.com/errata/RHSA-2024:0682\n3. https://access.redhat.com/security/cve/CVE-2023-6596\n4. https://bugzilla.redhat.com/show_bug.cgi?id=2253521", "creation_timestamp": "2025-01-06T22:38:24.000000Z"}, {"uuid": "d705edc8-400f-411b-8191-b91cbf17b162", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/4441842a-dcf2-4b86-a575-007bad2b482a", "content": "", "creation_timestamp": "2026-02-02T12:26:48.814572Z"}, {"uuid": "9eb0f99f-33e0-4403-ae88-262b46bfad32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/cKure/11834", "content": "\u25a0\u25a0\u25a1\u25a1\u25a1 HTTP/2 Rapid Reset (CVE-2023-44487)\n\nhttps://thehackernews.com/2023/10/record-breaking-100-million-rps-ddos.html", "creation_timestamp": "2023-10-27T06:18:29.000000Z"}, {"uuid": "5bcd8514-9b0a-4688-9beb-de60730d398c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5374", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aTest Script for CVE-2023-44487\nURL\uff1ahttps://github.com/ByteHackr/CVE-2023-44487\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-12T03:17:19.000000Z"}, {"uuid": "a12649a0-c572-4a91-9dae-339dfb0c57ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5351", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aBasic vulnerability scanning to see if web servers may be vulnerable to CVE-2023-44487\nURL\uff1ahttps://github.com/bcdannyboy/CVE-2023-44487\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-10T14:26:33.000000Z"}, {"uuid": "a3b25cc1-7a01-4e3a-8b7b-b7cb93b6eb3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/I-KMl-VM-m1GjAHEWWQ8aP3mX4MIDs3Gzao9kI6rvEgKQrI", "content": "", "creation_timestamp": "2025-12-14T21:00:05.000000Z"}, {"uuid": "82a9b91c-bff6-4d6f-9f04-5f8387090e2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5439", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aQuick exploit to test out rapid reset attack (CVE-2023-44487). Note: For education purpose only\nURL\uff1ahttps://github.com/studiogangster/CVE-2023-44487\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-16T11:18:09.000000Z"}, {"uuid": "6e6989e6-c87c-440c-86cd-5b87e063b8ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5379", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-44487\nURL\uff1ahttps://github.com/pabloec20/rapidreset\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-12T07:15:13.000000Z"}, {"uuid": "63651c19-8927-4cec-a594-986a8cff85bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5835", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aHighly configurable tool to check a server's vulnerability against CVE-2023-44487 by rapidly sending HEADERS and RST_STREAM frames and documenting the server's responses.\nURL\uff1ahttps://github.com/ndrscodes/http2-rst-stream-attacker\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-11-16T17:17:59.000000Z"}, {"uuid": "25ce5472-20a4-4afc-94a0-a85151938d78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5944", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aA tool to check how well a system can handle Rapid Reset DDoS attacks (CVE-2023-44487).\nURL\uff1ahttps://github.com/terrorist/CVE-2023-44487\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-11-24T18:29:20.000000Z"}, {"uuid": "139c593b-1919-4e9c-99a3-af85617dac78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5945", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aA tool to check how well a system can handle Rapid Reset DDoS attacks (CVE-2023-44487).\nURL\uff1ahttps://github.com/terrorist/HTTP-2-Rapid-Reset-Client\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-11-24T19:58:11.000000Z"}, {"uuid": "b3dafe93-d806-4e46-956e-76446b06f2e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/itsec_news/3435", "content": "\u200b\u26a1\ufe0f\u041d\u043e\u0432\u044b\u0439 \u043c\u0435\u0442\u043e\u0434 DDoS-\u0430\u0442\u0430\u043a\u0438 \u00abHTTP/2 Rapid Reset\u00bb \u0431\u044c\u0451\u0442 \u0440\u0435\u043a\u043e\u0440\u0434\u044b \u0438\u043d\u0442\u0435\u043d\u0441\u0438\u0432\u043d\u043e\u0441\u0442\u0438.\n\n\ud83d\udcac \u041d\u043e\u0432\u0430\u044f \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u044f DDoS-\u0430\u0442\u0430\u043a \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c \u00abHTTP/2 Rapid Reset\u00bb \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 zero-day \u0430\u0442\u0430\u043a\u0438 \u0441 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430, \u043f\u043e\u0431\u0438\u0432 \u0432\u0441\u0435 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0440\u0435\u043a\u043e\u0440\u0434\u044b \u043f\u043e \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u0430\u043c.\n\n\u041d\u043e\u0432\u043e\u0441\u0442\u0438 \u043e Rapid Reset \u043f\u043e\u044f\u0432\u0438\u043b\u0438\u0441\u044c \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0432\u044b\u0445\u043e\u0434\u0430 \u0441\u043a\u043e\u043e\u0440\u0434\u0438\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043e\u0442\u0447\u0451\u0442\u043e\u0432 \u0443 AWS , Cloudflare \u0438 Google , \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442 \u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u0438 \u0430\u0442\u0430\u043a, \u0434\u043e\u0441\u0442\u0438\u0433\u0430\u044e\u0449\u0438\u0445 155 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0432 \u0441\u0435\u043a\u0443\u043d\u0434\u0443 \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Amazon, 201 \u043c\u0438\u043b\u043b\u0438\u043e\u043d \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Cloudflare \u0438 398 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0432 \u0441\u0435\u043a\u0443\u043d\u0434\u0443 \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Google.\n\n\u041f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u043e, \u0447\u0442\u043e \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0438\u0436\u0435\u043d\u0438\u044f \u0442\u0430\u043a\u043e\u0439 \u043c\u043e\u0449\u043d\u043e\u0441\u0442\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0441\u0440\u0430\u0432\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u0430\u044f \u0431\u043e\u0442\u043d\u0435\u0442-\u0441\u0435\u0442\u044c \u0438\u0437 20 \u0442\u044b\u0441\u044f\u0447 \u043c\u0430\u0448\u0438\u043d. \u0410 \u0432\u0435\u0434\u044c \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0442 \u0431\u043e\u0442\u043d\u0435\u0442\u044b \u0438\u0437 \u0441\u043e\u0442\u0435\u043d \u0442\u044b\u0441\u044f\u0447 \u0438 \u0434\u0430\u0436\u0435 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432. \u0427\u0442\u043e \u0431\u0443\u0434\u0435\u0442, \u0435\u0441\u043b\u0438 \u043e\u043d\u0438 \u043d\u0430\u0447\u043d\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c Rapid Reset \u0432 \u0441\u0432\u043e\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445?\n\n\u041a\u0430\u043a \u0431\u044b \u0442\u043e \u043d\u0438 \u0431\u044b\u043b\u043e, \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b Cloudflare \u0440\u0430\u043f\u043e\u0440\u0442\u0443\u044e\u0442, \u0447\u0442\u043e \u0441 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0443\u0436\u0435 \u0431\u043e\u043b\u0435\u0435 \u0442\u044b\u0441\u044f\u0447\u0438 \u0440\u0430\u0437\u043d\u044b\u0445 DDoS-\u0430\u0442\u0430\u043a \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043c\u0435\u0442\u043e\u0434\u0430 \u00abHTTP/2 Rapid Reset\u00bb.\n\n\u042d\u0442\u043e\u0442 \u043d\u043e\u0432\u044b\u0439 \u043c\u0435\u0442\u043e\u0434 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442 zero-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0443\u044e \u043a\u0430\u043a CVE-2023-44487 . \u041e\u043d \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u0435\u0442 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u043c \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 HTTP/2, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u044e \u043e\u0442\u043c\u0435\u043d\u044b \u043f\u043e\u0442\u043e\u043a\u0430 \u0434\u043b\u044f \u0431\u0435\u0441\u043f\u0440\u0435\u0440\u044b\u0432\u043d\u043e\u0439 \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0438 \u043e\u0442\u043c\u0435\u043d\u044b \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432, \u0447\u0442\u043e \u043c\u043e\u043c\u0435\u043d\u0442\u0430\u043b\u044c\u043d\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043f\u0435\u0440\u0435\u0433\u0440\u0443\u0437\u043a\u0435 \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430.\n\n\u0412 HTTP/2 \u043f\u0440\u0435\u0434\u0443\u0441\u043c\u043e\u0442\u0440\u0435\u043d\u0430 \u0437\u0430\u0449\u0438\u0442\u0430 \u0432 \u0432\u0438\u0434\u0435 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0432\u0430\u0435\u0442 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u043e\u0434\u043d\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0445 \u043f\u043e\u0442\u043e\u043a\u043e\u0432 \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f DoS-\u0430\u0442\u0430\u043a, \u043e\u0434\u043d\u0430\u043a\u043e \u044d\u0442\u043e \u043d\u0435 \u0432\u0441\u0435\u0433\u0434\u0430 \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u043e.\n\nGoogle \u043f\u043e\u044f\u0441\u043d\u0438\u043b: \u00ab\u041f\u0440\u043e\u0442\u043e\u043a\u043e\u043b \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043e\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u0430 \u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u043a\u043e\u043e\u0440\u0434\u0438\u043d\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043e\u0442\u043c\u0435\u043d\u0443, \u043a\u043b\u0438\u0435\u043d\u0442 \u043c\u043e\u0436\u0435\u0442 \u0441\u0434\u0435\u043b\u0430\u0442\u044c \u044d\u0442\u043e \u0441\u0430\u043c\u043e\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u00bb. \u041e\u0442\u0441\u044e\u0434\u0430 \u0438 \u0442\u0430\u043a\u043e\u0439 \u043c\u0430\u0441\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043f\u043e\u0442\u043e\u043a \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u2014 \u0437\u0430\u0434\u0435\u0440\u0436\u0435\u043a \u0434\u043b\u044f \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u043f\u043e\u0447\u0442\u0438 \u043d\u0435\u0442.\n\nCloudflare \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e HTTP/2 \u043f\u0440\u043e\u043a\u0441\u0438 \u0438 \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0449\u0438\u043a\u0438 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0434\u043b\u044f \u0442\u0430\u043a\u0438\u0445 \u0430\u0442\u0430\u043a. \u041f\u043e \u043d\u0430\u0431\u043b\u044e\u0434\u0435\u043d\u0438\u044f\u043c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u044d\u0442\u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0449\u0438\u0435\u0441\u044f \u0430\u0442\u0430\u043a\u0438 \u043f\u0440\u0438\u0432\u0435\u043b\u0438 \u043a \u0443\u0432\u0435\u043b\u0438\u0447\u0435\u043d\u0438\u044e \u043e\u0448\u0438\u0431\u043e\u043a 502 (Bad Gateway) \u0441\u0440\u0435\u0434\u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 Cloudflare.\n\n\u0414\u043b\u044f \u043e\u0442\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a Cloudflare \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u00abIP Jail\u00bb, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 IP-\u0430\u0434\u0440\u0435\u0441\u0430, \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0432\u0430\u044f \u0438\u0445 \u0434\u043e\u0441\u0442\u0443\u043f \u043a HTTP/2 \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u0434\u043e\u043c\u0435\u043d\u043e\u0432 Cloudflare \u043d\u0430 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0451\u043d\u043d\u043e\u0435 \u0432\u0440\u0435\u043c\u044f. Amazon \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u043f\u0440\u043e\u0442\u0438\u0432\u043e\u0441\u0442\u043e\u044f\u043b\u0430 \u0434\u0435\u0441\u044f\u0442\u043a\u0430\u043c \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 \u0446\u0438\u0444\u0440\u043e\u0432\u044b\u0445 \u043d\u0430\u043f\u0430\u0434\u0435\u043d\u0438\u0439, \u043f\u043e\u0434\u0447\u0451\u0440\u043a\u0438\u0432\u0430\u044f, \u0447\u0442\u043e \u0441\u0435\u0440\u0432\u0438\u0441\u044b \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0438\u0441\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c\u0438 \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0430\u0442\u0430\u043a.\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0442\u0438\u0432\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0430\u0442\u0430\u043a\u0430\u043c HTTP/2 Rapid Reset \u0432\u0441\u0435 \u0442\u0440\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u0441\u0432\u043e\u0438\u043c \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0432\u0441\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 HTTP-\u0430\u0442\u0430\u043a \u0438 \u0443\u0441\u0438\u043b\u0438\u0432\u0430\u0442\u044c \u0441\u0432\u043e\u044e \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0441\u0442\u044c \u043a DDoS \u0440\u0430\u0437\u043d\u043e\u043e\u0431\u0440\u0430\u0437\u043d\u044b\u043c\u0438 \u043c\u0435\u0442\u043e\u0434\u0430\u043c\u0438.\n\nCloudflare \u0432 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e\u043c \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0438 \u0443\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u0443\u043c\u0430\u043b\u0447\u0438\u0432\u0430\u043d\u0438\u0435 \u043e\u0431 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u043b\u043e\u0441\u044c \u0431\u043e\u043b\u0435\u0435 \u043c\u0435\u0441\u044f\u0446\u0430, \u0447\u0442\u043e\u0431\u044b \u0434\u0430\u0442\u044c \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430\u043c \u0441\u0438\u0441\u0442\u0435\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0431\u043e\u043b\u044c\u0448\u0435 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u043d\u0430 \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435.\n\n\u00ab\u0421\u0435\u0433\u043e\u0434\u043d\u044f \u043d\u0430\u0441\u0442\u0443\u043f\u0438\u043b \u0442\u043e\u0442 \u0434\u0435\u043d\u044c, \u043a\u043e\u0433\u0434\u0430 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e\u0431 \u044d\u0442\u043e\u0439 \u0443\u0433\u0440\u043e\u0437\u0435\u00bb \u2014 \u0437\u0430\u043a\u043b\u044e\u0447\u0438\u043b\u0438 \u0432 Cloudflare.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-10-11T05:27:00.000000Z"}, {"uuid": "f09df0e3-98cf-4ee2-97d1-3f0122302350", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/poxek/5447", "content": "MadeYouReset: \u041d\u043e\u0432\u0430\u044f HTTP/2 DoS \u0430\u0442\u0430\u043a\u0430, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0443\u0436\u0435 \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u043b\u0438\n#research #http2 #http1 #http #DoS #CVE\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u0422\u0435\u043b\u044c-\u0410\u0432\u0438\u0432\u0441\u043a\u043e\u0433\u043e \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0438\u0442\u0435\u0442\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043d\u043e\u0432\u0443\u044e HTTP/2 DoS \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c MadeYouReset (CVE-2025-8671). \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e, \u0447\u0442\u043e \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u043a\u0440\u0443\u043f\u043d\u044b\u0445 \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u043e\u0432 \u0443\u0436\u0435 \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u044b \u043e\u0442 \u043d\u0435\u0451 \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u043c\u0435\u0440\u0430\u043c \u043f\u0440\u043e\u0442\u0438\u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e\u0434\u043d\u0435\u0439 \u0430\u0442\u0430\u043a\u0438 Rapid Reset.\n\nHTTP/2 stream reset - \u044d\u0442\u043e \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u0443 \u043e\u0442\u043c\u0435\u043d\u0438\u0442\u044c HTTP-\u0437\u0430\u043f\u0440\u043e\u0441 \u0434\u043e \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043e\u0442\u0432\u0435\u0442\u0430 \u043e\u0442 \u0441\u0435\u0440\u0432\u0435\u0440\u0430. \u041f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u044c\u0442\u0435 \u044d\u0442\u043e \u043a\u0430\u043a \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0441\u043a\u0430\u0437\u0430\u0442\u044c \"\u043d\u0435\u0432\u0430\u0436\u043d\u043e\" \u043e\u0444\u0438\u0446\u0438\u0430\u043d\u0442\u0443, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0443\u0436\u0435 \u043f\u043e\u0448\u0451\u043b \u043d\u0430 \u043a\u0443\u0445\u043d\u044e \u0441 \u0432\u0430\u0448\u0438\u043c \u0437\u0430\u043a\u0430\u0437\u043e\u043c. \u041f\u043e\u043b\u0435\u0437\u043d\u0430\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u044f, \u0432\u0435\u0434\u044c \u0435\u0451 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0430\u0442\u0430\u043a))\n\n\u0420\u0430\u0437\u043d\u0438\u0446\u0430 \u0441 Rapid Reset:\n\nRapid Reset (CVE-2023-44487) \u0440\u0430\u0431\u043e\u0442\u0430\u043b \u0447\u0435\u0440\u0435\u0437 \u043f\u0440\u044f\u043c\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0441\u0431\u0440\u043e\u0441\u0430 \u043f\u043e\u0442\u043e\u043a\u043e\u0432 - \u043a\u043b\u0438\u0435\u043d\u0442 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u043b \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0438 \u0441\u0440\u0430\u0437\u0443 \u0438\u0445 \u043e\u0442\u043c\u0435\u043d\u044f\u043b, \u0437\u0430\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u0441\u0435\u0440\u0432\u0435\u0440 \u0442\u0440\u0430\u0442\u0438\u0442\u044c \u0440\u0435\u0441\u0443\u0440\u0441\u044b \u0432\u043f\u0443\u0441\u0442\u0443\u044e.\n\nMadeYouReset \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 \u0445\u0438\u0442\u0440\u044b\u0439 \u043f\u043e\u0434\u0445\u043e\u0434: \u0432\u043c\u0435\u0441\u0442\u043e \u043f\u0440\u044f\u043c\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u0441\u0431\u0440\u043e\u0441\u0430 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0438\u0441\u043a\u0430\u0436\u0435\u043d\u043d\u044b\u0435 HTTP/2 frames, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u0430\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u0441\u0430\u043c \u0441\u0435\u0440\u0432\u0435\u0440 \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0431\u0440\u043e\u0441 \u043f\u043e\u0442\u043e\u043a\u043e\u0432. \u042d\u0442\u043e \u043a\u0430\u043a \u043f\u043e\u0434\u0441\u0443\u043d\u0443\u0442\u044c \u043e\u0444\u0438\u0446\u0438\u0430\u043d\u0442\u0443 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u0439 \u0437\u0430\u043a\u0430\u0437, \u0447\u0442\u043e\u0431\u044b \u043e\u043d \u0441\u0430\u043c \u0435\u0433\u043e \u043e\u0442\u043c\u0435\u043d\u0438\u043b.\n\n\u27a1\ufe0f\u041c\u0435\u0445\u0430\u043d\u0438\u0437\u043c \u0430\u0442\u0430\u043a\u0438:\n\n\u0428\u0430\u0433 1: \u0421\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f\n\u0410\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 HTTP/2 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0435 \u0441 \u0446\u0435\u043b\u0435\u0432\u044b\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c.\n\n\u0428\u0430\u0433 2: \u041e\u0442\u043f\u0440\u0430\u0432\u043a\u0430 malformed frames\n\u041a\u043b\u0438\u0435\u043d\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0438\u0441\u043a\u0430\u0436\u0435\u043d\u043d\u044b\u0435 control frames, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0430\u0440\u0443\u0448\u0430\u044e\u0442 \u0441\u043f\u0435\u0446\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e HTTP/2.\n\n\u0428\u0430\u0433 3: \u041f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 reset\n\u0421\u0435\u0440\u0432\u0435\u0440, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u044b\u0435 frames, \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u0443\u0435\u0442 \u0441\u0431\u0440\u043e\u0441 \u043f\u043e\u0442\u043e\u043a\u043e\u0432 \u0434\u043b\u044f \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0430\u043d\u0438\u044f \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f.\n\n\u0428\u0430\u0433 4: \u0418\u0441\u0442\u043e\u0449\u0435\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432\n\u041c\u0430\u0441\u0441\u043e\u0432\u044b\u0435 \u043f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0441\u0431\u0440\u043e\u0441\u044b \u043f\u043e\u0442\u043e\u043a\u043e\u0432 \u043f\u0435\u0440\u0435\u0433\u0440\u0443\u0436\u0430\u044e\u0442 \u0441\u0435\u0440\u0432\u0435\u0440, \u043f\u0440\u0438\u0432\u043e\u0434\u044f \u043a \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438.\n\n\u27a1\ufe0f\u0418\u043d\u0442\u0435\u0440\u0435\u0441\u0442\u0438\u043d\u0433 \u043c\u043e\u043c\u0435\u043d\u0442\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e HTTP/2 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0439. \u0411\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u043a\u0440\u0443\u043f\u043d\u044b\u0445 \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u043e\u0432 (Cloudflare, AWS, Google) \u0443\u0436\u0435 \u0438\u043c\u0435\u044e\u0442 \u0437\u0430\u0449\u0438\u0442\u0443 \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f DoS'\u0430\u043c 2 \u0433\u043e\u0434\u0430 \u043d\u0430\u0437\u0430\u0434 \u0447\u0435\u0440\u0435\u0437 Rapid Reset.\n\n\u27a1\ufe0f\u0417\u0430\u0449\u0438\u0442\u043d\u044b\u0435 \u043c\u0435\u0440\u044b:\n\n\u0414\u043b\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432:\n- \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 HTTP/2 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439\n- \u041f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 rate limiting \u0434\u043b\u044f HTTP/2 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0439\n- \u041c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433 \u0430\u043d\u043e\u043c\u0430\u043b\u044c\u043d\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 stream reset\n\n\u041f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0435\u0440\u0441\u0438\u0438:\n# \u041f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0435\u0440\u0441\u0438\u0438 nginx \u0441 HTTP/2\nnginx -V | grep http_v2\n\n# \u041f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 Apache HTTP/2 \u043c\u043e\u0434\u0443\u043b\u044f\napache2ctl -M | grep http2\n\n# \u041c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433 HTTP/2 stream resets\nnetstat -i | grep RST\n\n\ud83d\udd17\u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438:\n- Cloudflare Blog\n- CVE-2025-8671\n\n\ud83c\udf1a @poxek | \ud83c\udf1a \u0411\u043b\u043e\u0433 | \ud83d\udcfa YT | \ud83d\udcfa RT | \ud83d\udcfa VK", "creation_timestamp": "2025-08-20T07:23:20.000000Z"}, {"uuid": "48cfd0a7-60f5-40e4-8d4a-7214b96b7d11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2380", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12698\n\ud83d\udd39 Description: An incomplete fix for ose-olm-catalogd-container was issued for the Rapid Reset Vulnerability (CVE-2023-39325/CVE-2023-44487) where only unauthenticated streams were protected, not streams created by authenticated sources.\n\ud83d\udccf Published: 2024-12-18T05:07:21.026Z\n\ud83d\udccf Modified: 2025-01-21T09:28:08.318Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/security/cve/CVE-2024-12698\n2. https://bugzilla.redhat.com/show_bug.cgi?id=2332674", "creation_timestamp": "2025-01-21T10:01:16.000000Z"}, {"uuid": "8cc2f7c3-d7bc-4d7a-a1fc-71012c1150e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5259", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12698\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: An incomplete fix for ose-olm-catalogd-container was issued for the Rapid Reset Vulnerability (CVE-2023-39325/CVE-2023-44487) where only unauthenticated streams were protected, not streams created by authenticated sources.\n\ud83d\udccf Published: 2024-12-18T05:07:21.026Z\n\ud83d\udccf Modified: 2025-02-25T08:07:40.863Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2024:6122\n2. https://access.redhat.com/security/cve/CVE-2024-12698\n3. https://bugzilla.redhat.com/show_bug.cgi?id=2332674", "creation_timestamp": "2025-02-25T08:25:23.000000Z"}, {"uuid": "eeca493d-39d2-461b-9788-e609d9a41a8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/eiq80vTfK0uEvpSaVkLstXl9YEDfyEgGUyA39bKhe3J3sOM", "content": "", "creation_timestamp": "2026-04-24T09:00:04.000000Z"}, {"uuid": "38201630-ee30-45d6-aa50-2807547df155", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/eXCe_Fixxed/502", "content": "# DD0S CVE List by Layer 3/4/7\n\n##  Layer 3 (Network) - ICMP, IP, NDP\n\n# 2020\n- CVE-2020-16898  > Windows TCP/IP \"Bad Neighbor\" - ICMPv6 ping of death (DoS via BSOD)\n\n##  Layer 4 (Transport) - TCP, UDP\n\n# 2013\n- CVE-2013-5211  > NTP Amplification Attack via 'monlist' (UDP-based)\n\n# 2016\n- CVE-2016-9244  > Cisco VPN IKEv1 flood (UDP port 500 DoS)\n\n# 2018\n- CVE-2018-1000115  > Memcached UDP Amplification (reflection attack)\n\n# 2018\n- CVE-2018-0171  > Cisco Smart Install DoS (TCP port 4786)\n\n##  Layer 7 (Application) - HTTP, NTP, Memcached, API\n\n# 2021\n- CVE-2021-22986  > F5 BIG-IP iControl REST unauth DoS/RCE (API abuse)\n\n# 2023\n- CVE-2023-44487  > HTTP/2 Rapid Reset Attack - stream reset flooding\n\n# 2024\n- CVE-2024-29269  > Telesquare LTE Router Cmd Injection (dapat digunakan untuk DoS chaining) {New Cve Bug}", "creation_timestamp": "2025-08-03T06:11:01.000000Z"}, {"uuid": "f40d6f25-5ef4-4536-9566-d7e4b73c6073", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/ArabGathering/2006", "content": "\u0627\u0641\u0636\u0644 \u0627\u062f\u0627\u0647 \u0644\u0641\u062d\u0635 \u062b\u063a\u0631\u0627\u062a \u0627\u0644\u0645\u0648\u0627\u0642\u0639 2023 \u0644\u0645\u0633\u062a\u062e\u062f\u0645\u064a\u0646 Kali Linux\n\nhttps://github.com/bcdannyboy/CVE-2023-44487", "creation_timestamp": "2024-02-05T12:49:03.000000Z"}, {"uuid": "9ea76ce0-a1dc-4915-98d2-8c4fa971bacd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/eXCe_Fixxed/109130", "content": "# DD0S CVE List by Layer 3/4/7\n\n##  Layer 3 (Network) - ICMP, IP, NDP\n\n# 2020\n- CVE-2020-16898  > Windows TCP/IP \"Bad Neighbor\" - ICMPv6 ping of death (DoS via BSOD)\n\n##  Layer 4 (Transport) - TCP, UDP\n\n# 2013\n- CVE-2013-5211  > NTP Amplification Attack via 'monlist' (UDP-based)\n\n# 2016\n- CVE-2016-9244  > Cisco VPN IKEv1 flood (UDP port 500 DoS)\n\n# 2018\n- CVE-2018-1000115  > Memcached UDP Amplification (reflection attack)\n\n# 2018\n- CVE-2018-0171  > Cisco Smart Install DoS (TCP port 4786)\n\n##  Layer 7 (Application) - HTTP, NTP, Memcached, API\n\n# 2021\n- CVE-2021-22986  > F5 BIG-IP iControl REST unauth DoS/RCE (API abuse)\n\n# 2023\n- CVE-2023-44487  > HTTP/2 Rapid Reset Attack - stream reset flooding\n\n# 2024\n- CVE-2024-29269  > Telesquare LTE Router Cmd Injection (dapat digunakan untuk DoS chaining) {New Cve Bug}", "creation_timestamp": "2025-08-03T06:11:01.000000Z"}, {"uuid": "a1c9dc38-3a0d-48c6-97a7-ec55eb452e9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5404", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aTool for testing mitigations and exposure to Rapid Reset DDoS (CVE-2023-44487)\nURL\uff1ahttps://github.com/secengjeff/rapidresetclient\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-13T23:58:05.000000Z"}, {"uuid": "3ee55500-b2fe-4f5a-b5fa-9eb9ea75170c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/142410", "content": "https://ift.tt/VQflzaC\nCVE-2023-44487 HTTP/2 Rapid Reset Attack", "creation_timestamp": "2023-10-11T00:11:40.000000Z"}, {"uuid": "182e7880-d19d-4ca7-b662-7bfff6520421", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/142295", "content": "https://ift.tt/Rn2XP9S\nDangerous vulnerability can be exploited to carry out massive DDoS attacks (CVE-2023-44487)", "creation_timestamp": "2023-10-10T17:18:13.000000Z"}, {"uuid": "0f07fd36-a757-4b8a-aabc-073f209f35b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/cvedetector/13160", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12698 - Rapid Reset Unauthenticated Stream Encryption Weakness in OpenShift Enterprise OSE-OLM-Catalogd Container\", \n  \"Content\": \"CVE ID : CVE-2024-12698 \nPublished : Dec. 18, 2024, 5:15 a.m. | 43\u00a0minutes ago \nDescription : An incomplete fix for ose-olm-catalogd-container was issued for the Rapid Reset Vulnerability (CVE-2023-39325/CVE-2023-44487) where only unauthenticated streams were protected, not streams created by authenticated sources. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-18T07:00:06.000000Z"}, {"uuid": "5bbf9947-6efc-4e30-bd11-d31e6af5e188", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/qbmK9fYth1axrfdAHmjfhl8REmMqRFPuHZYTAd9zR7ZU", "content": "", "creation_timestamp": "2023-10-22T23:25:00.000000Z"}, {"uuid": "15f49ac7-5db6-4c13-8a8e-1043bf62b46a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/2421", "content": "#exploit\n1. CVE-2025-0108:\nNginx/Apache Path Confusion to Auth Bypass in PAN-OS\nhttps://slcyber.io/blog/nginx-apache-path-confusion-to-auth-bypass-in-pan-os\n\n2. CVE-2024-42009:\nStored XSS in Roundcube Webmail\nhttps://github.com/0xbassiouny1337/CVE-2024-42009\n\n3. CVE-2022-41741, CVE-2022-41742, CVE-2023-44487 Check Script:\nhttps://github.com/moften/CVE-2022-4174_CVE-2022-41742", "creation_timestamp": "2025-02-13T06:00:18.000000Z"}, {"uuid": "ecc17044-98c2-49f3-a917-7bbebb26867d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "Telegram/to4DFz49TeVMD13kMcjgDTlCQdMclkipo0xv3_UOuHSUk6Rm", "content": "", "creation_timestamp": "2025-03-08T04:35:52.000000Z"}, {"uuid": "f2260789-bf83-4edf-a021-746f7ac92622", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "Telegram/2gfOevRfGxWg7m4YnRYekAswaHacdDlG0r5VQWh5yloD6OA", "content": "", "creation_timestamp": "2024-05-24T01:37:47.000000Z"}, {"uuid": "25bdee97-9172-476e-82f1-e086c2951f00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/6638", "content": "#exploit\n1. CVE-2025-0108:\nNginx/Apache Path Confusion to Auth Bypass in PAN-OS\nhttps://slcyber.io/blog/nginx-apache-path-confusion-to-auth-bypass-in-pan-os\n\n2. CVE-2024-42009:\nStored XSS in Roundcube Webmail\nhttps://github.com/0xbassiouny1337/CVE-2024-42009\n\n3. CVE-2022-41741, CVE-2022-41742, CVE-2023-44487 Check Script:\nhttps://github.com/moften/CVE-2022-4174_CVE-2022-41742", "creation_timestamp": "2025-02-13T06:00:18.000000Z"}, {"uuid": "e939ef7c-c794-4220-bae5-1cd8976b1e4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "Telegram/kNLzawh1rwAujtz08dotqTVZcSbN4F51xL0g4fLomfhOjP0", "content": "", "creation_timestamp": "2025-03-22T10:52:29.000000Z"}, {"uuid": "2964d68a-3393-41c2-b1ff-ac452b9d2796", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/889", "content": "\u26a1 Beware of the HTTP/2 Rapid Reset attack! \n\nA novel zero-day flaw is being exploited to launch record-breaking distributed DDoS attacks. \n\nFind out more here: https://thehackernews.com/2023/10/http2-rapid-reset-zero-day.html \n\nLearn how AWS, Cloudflare, and Google are addressing CVE-2023-44487.", "creation_timestamp": "2023-10-10T17:32:14.000000Z"}, {"uuid": "3eeeb0c1-06cd-4b2d-b9c3-f1a7668551fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/nGbKgSILWzgIOXDvUaueKVD8bw5Qna14SkE3PPURSmNJ", "content": "", "creation_timestamp": "2023-10-22T23:24:11.000000Z"}, {"uuid": "a4a6ad08-701a-4f73-9963-c89662522aa8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "Telegram/r4GccpksLBMuYW9OyJasEmA9bvNZyF1cM7eREPcCtwyRDg", "content": "", "creation_timestamp": "2023-11-06T20:02:46.000000Z"}, {"uuid": "4f9519df-8d6a-4162-ad70-1d0e123a5c8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/CZg38d-LlgC4W2LP8NEHb37WHgQN_h5xJ4fjDzzdSDLX", "content": "", "creation_timestamp": "2023-10-23T16:44:42.000000Z"}, {"uuid": "92902834-14af-462c-b404-8392bc6ede2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "Telegram/B_mIs0mKeaeXdym4glAe9vqmtPEkdqD4fk6zNXoJEG97mJNi", "content": "", "creation_timestamp": "2023-10-14T22:22:17.000000Z"}, {"uuid": "fcbb4c43-fe19-4fea-8c3f-ac6d895bd782", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/RipperSec/712", "content": "\u0633\u0652\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0645\u0650 \u0627\u0644\u0644\u0647\u0650 \u0627\u0644\u0631\u064e\u0651\u062d\u0652\u0645\u064e\u0646\u0650 \u0627\u0644\u0631\u064e\u0651\u062d\u0650\u064a\u0652\u0645\u0650\n\u0627\u0644\u0644\u0647 \u0623\u0643\u0628\u0631\u00a0\u00a0\u0627\u0644\u0644\u0647 \u0623\u0643\u0628\u0631\u00a0\u00a0\u0627\u0644\u0644\u0647 \u0623\u0643\u0628\u0631\n\u0625\u0646 \u0634\u0627\u0621 \u0627\u0644\u0644\u0647\n\nTarget : https://bankjerusalem.co.il\nIP : 66.22.119.20\nHostname : 66.22.119.20\nISP : Redware Inc & Dc Protection Ltd\nInfo: No WAF detected by the generic detection\n\nPORT : 53 filtered domain\nPORT : 80 http\nPORT : 443 https \nMETHOD : TCP/UDP\nDomain : isoc.org.il 51.17.123.48 \nASN: AS16509 \nCountry: IL \nCity: TEL AVIV \nDomain: Amazonaws.com | IIX.NET.IL | ISOC.org.il | \nPorts: 80 | 443 | \nHTTP Status: 301 | \nProvider: Amazon.com, Inc. \nOrganization: A100 Row Inc \nPossible vulnerabilities: CVE-2021-3618 | CVE-2023-44487 |\n\nGreetz:- All Muslim Hackers\n\n#TengkorakCyberCrew \n#EagleCyberCrew\n#RipperSec\n#KhalifahCyberCrew\n#HelangMerahGroup \n#LaskarPembebasanPalestina\n#TeamCyberAbabil\n#Cyberwar PaLestiNe 3.0\n#TABM MALAYSIA-PALESTINE (MyPA)\n\nCome join us!!\nhttps://t.me/MalaysiaHacktivist\nhttps://t.me/MalaysiaHacktivistz", "creation_timestamp": "2024-02-12T14:43:23.000000Z"}, {"uuid": "368190e1-d42a-4819-b694-de81c8861da4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/HVMsYUWTr9m-Towup_bLUqjBTT3mshvZui_eiU4s3oRGdI8", "content": "", "creation_timestamp": "2023-12-06T13:08:09.000000Z"}, {"uuid": "521960a3-9f55-42a7-846a-4303d217a000", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/arpsyndicate/1965", "content": "#ExploitObserverAlert\n\nCVE-2023-44487\n\nDESCRIPTION: Exploit Observer has 85 entries related to CVE-2023-44487. The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.\n\nFIRST-EPSS: 0.601570000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-12-18T10:40:38.000000Z"}, {"uuid": "d8263b70-02df-4137-abda-9edfd12ba62c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/Githuseo/260", "content": "https://github.com/bcdannyboy/CVE-2023-44487\n\u57fa\u672c\u6f0f\u6d1e\u626b\u63cf\uff0c\u67e5\u770b Web \u670d\u52a1\u5668\u662f\u5426\u5bb9\u6613\u53d7\u5230 CVE-2023-44487 \u7684\u653b\u51fb", "creation_timestamp": "2023-10-14T06:16:19.000000Z"}, {"uuid": "b31d1ac7-9828-4c7e-b1af-6690fc2ff3f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "Telegram/GBahda7mYIxvfaDNfj8-SSU2d16LU5UYSpMKXBkR3Vhvh9Zg", "content": "", "creation_timestamp": "2023-12-03T17:00:22.000000Z"}, {"uuid": "f9c4bd82-8810-409f-b298-fa81eb91b1d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/arpsyndicate/4903", "content": "#ExploitObserverAlert\n\nCVE-2023-44487\n\nDESCRIPTION: Exploit Observer has 430 entries in 26 file formats related to CVE-2023-44487. The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.\n\nFIRST-EPSS: 0.739260000\nNVD-IS: 3.6\nNVD-ES: 3.9\nARPS-PRIORITY: 0.7642706", "creation_timestamp": "2024-05-02T21:31:29.000000Z"}, {"uuid": "b2d190ea-fba9-4750-81f3-a13a087111d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/arpsyndicate/1807", "content": "#ExploitObserverAlert\n\nCVE-2023-44487\n\nDESCRIPTION: Exploit Observer has 85 entries related to CVE-2023-44487. The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.\n\nFIRST-EPSS: 0.601570000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-12-12T12:09:50.000000Z"}, {"uuid": "81d1fc8e-ff6b-4c4d-9a61-5774bedc93c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "Telegram/VFcH9B5JY0UbDEuI_6uPR4ZyxdeHpWL3DIgaSyeDZpcSYg", "content": "", "creation_timestamp": "2023-10-10T17:52:37.000000Z"}, {"uuid": "aedbd4e6-7dba-43a2-983c-b5a2f9d3bbbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/nodejsleaks/347", "content": "Private | Custom method | Node.JS\n(Using HTTP/2 Rapid-Reset) [Exploit CVE-2023-44487]\n- Method bypass HTTP-DDoS \n- Method sending big requests/s\n- Using 1 server for graph (8 core | 32 ram | 1 gb/port)\n- More: 8 threads | 128 rate | 5 connections\n\nRegards, @mitigations \u263a\ufe0f", "creation_timestamp": "2023-11-26T00:44:52.000000Z"}, {"uuid": "d78edd4a-6bac-44c3-be95-d8d268f7e81b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/-AN5Wb8nooNX5gMsGMlz_MhqzDd5BvuXA1c7foEp2HLAQVoEiA", "content": "", "creation_timestamp": "2025-03-24T17:54:12.000000Z"}, {"uuid": "02856129-72ef-44fc-a947-83fe51dd3c57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/arpsyndicate/65", "content": "#ExploitObserverAlert\n\nCVE-2023-44487\n\nDESCRIPTION: Exploit Observer has 54 entries related to CVE-2023-44487. The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.\n\nFIRST-EPSS: 0.527480000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-11-10T22:12:13.000000Z"}, {"uuid": "6f571705-200e-44e4-bf01-1a92b44e8566", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/LiberationofAlAqsa/905", "content": "\u0627\u0641\u0636\u0644 \u0627\u062f\u0627\u0647 \u0644\u0641\u062d\u0635 \u062b\u063a\u0631\u0627\u062a \u0627\u0644\u0645\u0648\u0627\u0642\u0639 2023 \u0644\u0645\u0633\u062a\u062e\u062f\u0645\u064a\u0646 Kali Linux\n\nhttps://github.com/bcdannyboy/CVE-2023-44487", "creation_timestamp": "2023-12-06T08:20:41.000000Z"}, {"uuid": "86dbd8bb-d7b1-4ea0-9fcc-fb9eaf272b8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "Telegram/vO0O31bLCGt8dsAHeykDxjvD1rdqLB0PRbsJDam8FXp0AeE", "content": "", "creation_timestamp": "2025-02-02T06:12:15.000000Z"}, {"uuid": "1487f790-157c-42b8-97f5-cbcd45d39811", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/GhostClanOfficial/646", "content": "DDoS methods\n\n1. Find the target domain example.com\n\n2. Try ping to see the IP: ping domain.com\n\n3. Copy the IP address and search near iplocation.net\n\n4. Look at the IP location that points to the correct country or not.\n\n5. If the IP points to the right country, most likely the server is there and can continue the DoS attack with Hping3, LOIC, RUDY and others.\n\n6. If the IP points to a cloud such as google, aws, akamai or waf such as cloudflare, imperva and others, then it cannot be DDoS because it is not the correct IP.\n\n7. To get the correct IP, you can see his DNS records at intodns.com/  . Scroll to look at SOA, MX and CNAME records.\n\n8. Try searching each IP at iplocation.net to see if it points to the correct country or not.\n\n9. Then if it is correct, repeat step 5 earlier. If there is no IP that points to the correct server or country, then look for another target.\n\nGood luck.\n\nViva Operation Israel Hackers!\n\n#Oplsrael - #FreePalestine - #AntiZionism - #Fucklsrael - #Anonymous\n\nhttps://github.com/sp00fing/ddos/blob/main/Layer-7/XML-RPC-Pingback-C/xml\n\nhttps://github.com/MatrixTM/MHDDoS\n\nhttps://ufonet.03c8.net/\n\nhttps://github.com/R00tS3c/DDOS-RootSec\n\nhttps://github.com/LimerBoy/Impulse\n\nlatest 0day for Ddos \n\nCVE-2023-44487\n\nGHOSTS of Palestine \ud83c\uddf5\ud83c\uddf8", "creation_timestamp": "2023-10-14T02:29:27.000000Z"}, {"uuid": "8e7b485e-7de6-4c24-9246-7367492741cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "Telegram/HyzQRr244NBXwXjpKZdXabuhBv6fwfetR_-gT7B2VI_Bgw0RAQ", "content": "", "creation_timestamp": "2025-01-19T11:49:25.000000Z"}, {"uuid": "8fb6dc51-ac65-442b-ad5b-fbc4981374b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "Telegram/Rk-2-MiKSRGO20vlyKqEDzRfwRCTNRmhpRVm2GIEz2ghE7giMw", "content": "", "creation_timestamp": "2025-01-19T11:41:40.000000Z"}, {"uuid": "93efd626-b250-4d5f-98fd-0523ae4cb559", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/gcfu4uTEIg28qWTvcVOCKT3PEjHzicQ5yB2xIu5kEy-ne1tA", "content": "", "creation_timestamp": "2023-12-12T10:37:24.000000Z"}, {"uuid": "6268b36e-8bee-4c44-874b-f5b1b2ddadad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/9N9r8ZPqLAugg6RT8SXcczSP20TZGse6ot0ZEzE89QFl45o", "content": "", "creation_timestamp": "2023-10-12T14:00:35.000000Z"}, {"uuid": "019c7fb0-ed61-4b7f-b9bc-a8f6c88d78f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/3j8I0isFmLAbte1B6AblKmXFCQRKV1G1C2a7XeAcW0NPN4blEg", "content": "", "creation_timestamp": "2024-08-15T17:04:56.000000Z"}, {"uuid": "03d74977-9c30-43f6-86d0-9a32a4c82cd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/tdSiYql22npcty9iPwOM0bQpYA2KFxntFACu-Cz8kZF6tTA", "content": "", "creation_timestamp": "2023-10-12T07:19:05.000000Z"}, {"uuid": "aa2881c7-1313-43c8-9bab-cbb2ac1be955", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "Telegram/0q0wDMSotjqkkaTjo-wpulHVh7Xs1Oq3u_HHQm_rYiQEfKI", "content": "", "creation_timestamp": "2023-10-12T07:00:13.000000Z"}, {"uuid": "8931c6ac-2c02-4ea4-b57b-ac7371748936", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "Telegram/NmGuvqrxR56psaGwEYBH3Ex1ej1rR6FgCU_OcnrJpJ0j92g", "content": "", "creation_timestamp": "2023-10-12T04:56:06.000000Z"}, {"uuid": "8322e892-c5af-49a2-a9fd-c1b963013597", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/itARMYofUkraine2022_INT/27624", "content": "Google \u0442\u0430 Amazon \u043d\u0435\u0449\u043e\u0434\u0430\u0432\u043d\u043e \u0432\u0456\u0434\u0431\u0438\u043b\u0438 \u043d\u0430\u0439\u0431\u0456\u043b\u044c\u0448\u0443 \u0432 \u0456\u0441\u0442\u043e\u0440\u0456\u0457 DDoS-\u0430\u0442\u0430\u043a\u0443 \u0437 \u043f\u0456\u043a\u043e\u043c \u0443 398 \u043c\u0456\u043b\u044c\u0439\u043e\u043d\u0456\u0432 \u0437\u0430\u043f\u0438\u0442\u0456\u0432 \u0437\u0430 \u0441\u0435\u043a\u0443\u043d\u0434\u0443, \u0432\u0438\u043a\u043e\u0440\u0438\u0441\u0442\u043e\u0432\u0443\u044e\u0447\u0438 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u0456\u0441\u0442\u044c \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0443 HTTP/2. \u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0454\u0442\u044c\u0441\u044f \u043d\u0435\u0433\u0430\u0439\u043d\u043e \u043e\u043d\u043e\u0432\u0438\u0442\u0438 \u0432\u0441\u0456 \u0456\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u0441\u0435\u0440\u0432\u0456\u0441\u0438 \u0434\u043b\u044f \u0443\u0441\u0443\u043d\u0435\u043d\u043d\u044f \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0456 CVE-2023-44487, \u0449\u043e\u0431 \u0437\u0430\u043f\u043e\u0431\u0456\u0433\u0442\u0438 \u043f\u043e\u0434\u0456\u0431\u043d\u0438\u043c \u0437\u0430\u0433\u0440\u043e\u0437\u0430\u043c. \u041c\u0430\u0441\u0448\u0442\u0430\u0431 \u0442\u0430 \u0441\u043a\u043b\u0430\u0434\u043d\u0456\u0441\u0442\u044c \u0442\u0430\u043a\u0438\u0445 \u0430\u0442\u0430\u043a \u0441\u0442\u0440\u0456\u043c\u043a\u043e \u0437\u0440\u043e\u0441\u0442\u0430\u044e\u0442\u044c, \u0449\u043e \u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0437\u043d\u0430\u0447\u043d\u0438\u0439 \u0440\u0438\u0437\u0438\u043a \u0434\u043b\u044f \u0432\u0441\u0435\u0441\u0432\u0456\u0442\u043d\u044c\u043e\u0457 \u043e\u043d\u043b\u0430\u0439\u043d-\u0456\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0438. \u041e\u043d\u043e\u0432\u043b\u044e\u0439\u0442\u0435\u0441\u044c \u0442\u0430 \u0437\u0430\u0445\u0438\u0449\u0430\u0439\u0442\u0435 \u0441\u0432\u043e\u0457 \u0441\u0438\u0441\u0442\u0435\u043c\u0438.\n\n\u041f\u0440\u0438\u0454\u0434\u043d\u0443\u0439\u0442\u0435\u0441\u044c \u0434\u043e \u043d\u0430\u0448\u043e\u0433\u043e \u0447\u0430\u0442\u0443 \u0434\u043b\u044f \u0448\u0432\u0438\u0434\u043a\u043e\u0457 \u043a\u0456\u0431\u0435\u0440\u0434\u043e\u043f\u043e\u043c\u043e\u0433\u0438.\n--\nGoogle and Amazon recently thwarted the largest DDoS attack ever, peaking at 398 million requests per second, exploiting HTTP/2 protocol vulnerability. Urgent action is advised for all internet-facing services to patch against CVE-2023-44487 to prevent similar threats. The scale and sophistication of such attacks are rapidly growing, representing a significant risk to online infrastructure globally. Stay updated on patches and safeguard your systems.\n\nJoin our chat for quick cyberhelp.", "creation_timestamp": "2023-11-10T09:04:41.000000Z"}, {"uuid": "c6f928a0-a754-4d6c-9e73-98357678f96a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/40", "content": "\u26a1 Beware of the HTTP/2 Rapid Reset attack! \n\nA novel zero-day flaw is being exploited to launch record-breaking distributed DDoS attacks. \n\nFind out more here: https://thehackernews.com/2023/10/http2-rapid-reset-zero-day.html \n\nLearn how AWS, Cloudflare, and Google are addressing CVE-2023-44487.", "creation_timestamp": "2023-10-10T17:32:14.000000Z"}, {"uuid": "04d2765a-d795-4abb-bcee-a1019c9fe2c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/IYQCJdoDg1iSlKbn8ZslzoAumxbXC4NXxOL9Gs1tonDBX0k", "content": "", "creation_timestamp": "2025-01-19T15:39:14.000000Z"}, {"uuid": "669d8567-6915-488f-b104-ab55d65704df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/KomunitiSiber/914", "content": "HTTP/2 Rapid Reset Zero-Day Vulnerability Exploited to Launch Record DDoS Attacks\nhttps://thehackernews.com/2023/10/http2-rapid-reset-zero-day.html\n\nAmazon Web Services (AWS), Cloudflare, and Google on Tuesday said they took steps to mitigate record-breaking distributed denial-of-service (DDoS) attacks that relied on a novel technique called HTTP/2 Rapid Reset.\nThe\u00a0layer 7 attacks\u00a0were detected in late August 2023, the companies said in a coordinated disclosure. The cumulative susceptibility to this attack is being tracked as\u00a0CVE-2023-44487,", "creation_timestamp": "2023-10-10T18:01:38.000000Z"}, {"uuid": "552f2b7b-7141-4961-a88e-2d8a2ebe66d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/ZJp_VCEhaga9OM9NBvz45K3ssC6nL69JeV_dGqoHwNSpsGU", "content": "", "creation_timestamp": "2025-04-15T05:00:08.000000Z"}, {"uuid": "fa9fefc1-1a06-4a56-b21e-ddd7c163c998", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/qDzkx44siSc8n4X8sjQ5ZjiFphGSFajZZfESRCa-0oTFNSE", "content": "", "creation_timestamp": "2025-04-23T05:00:06.000000Z"}, {"uuid": "8372b2e2-c493-4456-b3b6-3ddf15de3088", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/dkxB3yNasTV2nnby0yGIeEfvEQ0j97pj5WFC2YsD2kZioxQ", "content": "", "creation_timestamp": "2025-02-25T10:00:05.000000Z"}, {"uuid": "da08e68f-7fb9-4e8e-8836-04b4f0614ca1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ashaburroyah313/870", "content": "\u0633\u0652\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0640\u0645\u0650 \u0627\u0644\u0644\u0647\u0650 \u0627\u0644\u0631\u064e\u0651\u062d\u0652\u0645\u064e\u0646\u0650 \u0627\u0644\u0631\u064e\u0651\u062d\u0650\u064a\u0652\u0645\u0650\n\u0627\u0644\u0644\u0647 \u0623\u0643\u0628\u0631\u00a0\u00a0\u0627\u0644\u0644\u0647 \u0623\u0643\u0628\u0631\u00a0\u00a0\u0627\u0644\u0644\u0647 \u0623\u0643\u0628\u0631\n\u0625\u0646 \u0634\u0627\u0621 \u0627\u0644\u0644\u0647\n\nTarget : https://bankjerusalem.co.il\nIP : 66.22.119.20\nHostname : 66.22.119.20\nISP : Redware Inc & Dc Protection Ltd\nInfo: No WAF detected by the generic detection\n\nPORT : 53 filtered domain\nPORT : 80 http\nPORT : 443 https \nMETHOD : TCP/UDP\nDomain : isoc.org.il 51.17.123.48 \nASN: AS16509 \nCountry: IL \nCity: TEL AVIV \nDomain: Amazonaws.com | IIX.NET.IL | ISOC.org.il | \nPorts: 80 | 443 | \nHTTP Status: 301 | \nProvider: Amazon.com, Inc. \nOrganization: A100 Row Inc \nPossible vulnerabilities: CVE-2021-3618 | CVE-2023-44487 |\n\nGreetz:- All Muslim Hackers\n\n#TengkorakCyberCrew \n#EagleCyberCrew\n#RipperSec\n#KhalifahCyberCrew\n#HelangMerahGroup \n#LaskarPembebasanPalestina\n#TeamCyberAbabil\n#Cyberwar PaLestiNe 3.0\n#TABM MALAYSIA-PALESTINE (MyPA)\n\nCome join us!!\nhttps://t.me/MalaysiaHacktivist\nhttps://t.me/MalaysiaHacktivistz", "creation_timestamp": "2024-02-12T14:57:44.000000Z"}, {"uuid": "1c61484b-ca08-4c75-865e-9ac8e5bd6edb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/true_secator/4951", "content": "\u041f\u043e\u0434\u043a\u0430\u0442\u0438\u043b Microsoft October 2023 Patch Tuesday, \u0430 \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 \u043d\u0438\u043c \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f 104 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0442\u0440\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0435 0-day.\n\n\u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445 \u0437\u0430\u043a\u0440\u044b\u0442\u043e 26 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 3 - \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 45 - RCE (\u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0442\u043e\u043b\u044c\u043a\u043e 12 \u043e\u0442\u043c\u0435\u0447\u0435\u043d\u044b \u043a\u0430\u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435), 12 - \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 17 - DoS \u0438 1 - \u0441\u043f\u0443\u0444\u0438\u043d\u0433\u043e\u043c.\n\n\u041f\u043e\u043c\u0438\u043c\u043e 104, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u043e\u0434\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Chromium, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2023-5346, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 3 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u0438 \u043f\u0435\u0440\u0435\u043d\u0435\u0441\u0435\u043d\u0430 \u043d\u0430 Microsoft Edge.\n\n\u0418\u0437 \u0442\u0440\u0435\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u043d\u0435\u0440\u0430\u0441\u043a\u0440\u044b\u0442\u043e\u0439 \u043e\u0441\u0442\u0430\u043b\u0430\u0441\u044c \u043b\u0438\u0448\u044c \u043e\u0434\u043d\u0430.\n\n\u041f\u0435\u0440\u0432\u0430\u044f 0-day, CVE-2023-41763, - \u044d\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Skype \u0434\u043b\u044f \u0431\u0438\u0437\u043d\u0435\u0441\u0430, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0439\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u043d\u043e \u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u0432\u043d\u0435\u0441\u0442\u0438 \u0432 \u043d\u0435\u0435 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f.\n\n\u0411\u0430\u0433\u0443 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0424\u043b\u043e\u0440\u0438\u0430\u043d \u0425\u0430\u0443\u0437\u0435\u0440, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442, \u0447\u0442\u043e \u044d\u0442\u043e \u0442\u0430\u00a0\u0436\u0435 \u0441\u0430\u043c\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0440\u0430\u043d\u0435\u0435 \u0432 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435 2022 \u0433\u043e\u0434\u0430 \u043e\u043d \u0443\u0436\u0435 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u044f\u043b Microsoft, \u0442\u043e\u0433\u0434\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043e\u0442\u043a\u0430\u0437\u0430\u043b\u0430\u0441\u044c \u0435\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c. \u0420\u0435\u0441\u0435\u0440\u0447\u0435\u0440 \u0441\u0447\u0438\u0442\u0430\u0435\u0442 \u0442\u0430\u043a\u0436\u0435, \u0447\u0442\u043e \u0435\u0435 \u043c\u043e\u0434\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u044f \u0432 \u043f\u0435\u0440\u0438\u043c\u0435\u0442\u0440.\n\n\u0414\u0440\u0443\u0433\u0430\u044f CVE-2023-36563\u00a0\u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Microsoft WordPad \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438. \u0415\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 NTLM-\u0445\u044d\u0448\u0435\u0439 \u043f\u0440\u0438 \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u0438 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430 \u0432 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0438.\n\n\u0427\u0442\u043e\u0431\u044b \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0432\u043e\u0439\u0442\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443, \u0437\u0430\u0442\u0435\u043c \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0435 \u041f\u041e, \u0447\u0442\u043e \u0438 \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044e \u043d\u0430\u0434 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439. \u041f\u043e\u043c\u0438\u043c\u043e \u044d\u0442\u043e\u0433\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0443\u0431\u0435\u0434\u0438\u0442\u044c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 Microsoft Threat Intelligence \u0438, \u043f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0442\u0432\u0435\u0442\u0432\u043b\u0435\u043d\u0438\u0435\u043c CVE-2023-36761, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435.\n\n\u0418 \u043d\u0430\u043a\u043e\u043d\u0435\u0446, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u043d\u043e\u0432\u043e\u0439 \u0442\u0435\u0445\u043d\u0438\u043a\u0438 DDoS-\u0430\u0442\u0430\u043a\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c CVE-2023-44487 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c HTTP/2 Rapid Reset, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0441 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 \u0438 \u0431\u044c\u0435\u0442 \u0432\u0441\u0435 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0440\u0435\u043a\u043e\u0440\u0434\u044b \u043f\u043e DDoS.\n\n\u0410\u0442\u0430\u043a\u0430 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u044e \u043e\u0442\u043c\u0435\u043d\u044b \u043f\u043e\u0442\u043e\u043a\u0430 HTTP/2 \u0438 \u043d\u0435 \u0438\u043c\u0435\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u0431\u044b\u043b\u043e \u0431\u044b \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c, \u043a\u0440\u043e\u043c\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0441\u043a\u043e\u0440\u043e\u0441\u0442\u0438 \u0438\u043b\u0438 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430. Microsoft \u0432\u044b\u0431\u0440\u0430\u043d \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u0432\u0430\u0440\u0438\u0430\u043d\u0442.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0431\u044b\u043b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0441\u043a\u043e\u043e\u0440\u0434\u0438\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b Cloudflare, Amazon \u0438 Google. \u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0442\u0441\u044f.\n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0445 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 Microsoft October 2023 Patch Tuesday, \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d\u00a0\u0437\u0434\u0435\u0441\u044c.", "creation_timestamp": "2023-10-11T13:47:32.000000Z"}, {"uuid": "d5c4fba7-d720-4355-b5ee-2f57aeb240dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/lVJgfs5XAHvajpl794U45S89a4qLDVmI9MW4eeqQE3QLlDc", "content": "", "creation_timestamp": "2025-02-19T16:00:09.000000Z"}, {"uuid": "ed872285-81ec-4ee4-b40a-d2d8980cc85c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/proxy_bar/1781", "content": "CVE-2023-44487\n\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 HTTP/2\n\u041f\u043e\u043a\u0430 exploit (\u0437\u0430\u0442\u043e\u0447\u0435\u043d\u043d\u044b\u0439 \u043d\u0430 DOS) \u043f\u043e\u043b\u0437\u0430\u043b \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u043f\u043e\u0434 \u0430\u0442\u0430\u043a\u0443 \u043f\u043e\u043f\u0430\u043b\u0438 Google, AWS, CloudFlare \\ etc\n\u041f\u0438\u043a \u0430\u0442\u0430\u043a\u0438 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u043b 389 000 000 (\u0434\u0430 \u0434\u0430) \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0432 \u0441\u0435\u043a\u0443\u043d\u0434\u0443.\n\u041d\u0443 \u0438 \u043a\u043e\u043d\u0435\u0447\u043d\u043e \u0436\u0435 \u0432\u0441\u0435 \u044d\u0442\u043e \u0443\u043f\u043b\u044b\u043b\u043e ))))\n\u041a\u0441\u0442\u0430\u0442\u0438 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0439 \u043e\u0442\u0447\u0435\u0442 \u0435\u0441\u0442\u044c \u0443 HAproxy, \u0442\u0438\u043f\u0430 \u043d\u0430\u0448\u0430 \u0445\u0430\u0442\u0430 \u0441 \u043a\u0440\u0430\u044e \u0438 \u0432\u043e\u043e\u0431\u0449\u0435 \u043d\u0430\u0448 \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0449\u0438\u043a \u043d\u0435 \u0414\u043e\u0421\u0438\u0442\u0441\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e.\n\nlink 1\nlink 2\nlink 3\nlink 4\nlink 5\nwhat the fuck notes \n\n#DoS #HA", "creation_timestamp": "2023-10-16T23:22:24.000000Z"}, {"uuid": "6fdfc40f-7eb0-4a0d-bf4f-5c8419ccdd23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/true_secator/6092", "content": "\u0412\u0435\u0434\u0443\u0449\u0438\u0435 \u0432\u0435\u043d\u0434\u043e\u0440\u044b ICS Siemens, Schneider Electric, Rockwell Automation \u0438 Aveva \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u0441\u0432\u043e\u0438 \u0435\u0436\u0435\u043c\u0435\u0441\u044f\u0447\u043d\u044b\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f ICS.\n\nSiemens\u00a0\u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 9 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439, \u043e\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u044e\u0449\u0438\u0445 \u043e\u043a\u043e\u043b\u043e 50 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u041f\u0440\u0438\u0447\u0435\u043c \u043e\u043a\u043e\u043b\u043e 30 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u0432 SINEC Network Management System (NMS), \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0442\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0438 \u0432\u044b\u0441\u043e\u043a\u0443\u044e \u043e\u0446\u0435\u043d\u043a\u0443 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438.\n\n\u0411\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b, \u0432 \u0438\u0445 \u0441\u043f\u0438\u0441\u043e\u043a \u0442\u0430\u043a\u0436\u0435 \u0432\u0445\u043e\u0434\u0438\u0442 CVE-2023-44487, \u043a\u043e\u0442\u043e\u0440\u0430\u044f\u00a0\u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0434\u043b\u044f \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u044b\u0445 DDoS-\u0430\u0442\u0430\u043a HTTP/2 Rapid Reset.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, Siemens \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u044b\u0441\u043e\u043a\u043e\u0433\u043e \u0443\u0440\u043e\u0432\u043d\u044f \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a RCE, DoS \u0438\u043b\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Intralog WMS, Teamcenter Visualization, JT2Go, NX, Scalance M-800, Sinec Traffic Analyzer \u0438 Comos.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u0437\u0430\u0449\u0438\u0442\u043e\u0439 \u043f\u0430\u0440\u043e\u043b\u0435\u043c \u0432 Location Intelligence \u0438 Logo.\n\nSchneider Electric\u00a0\u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u0434\u0432\u0430 \u043d\u043e\u0432\u044b\u0445 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044f, \u043e\u0434\u0438\u043d \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0438\u043d\u0444\u043e\u0440\u043c\u0438\u0440\u0443\u0435\u0442 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 EcoStruxure Machine SCADA Expert \u0438 Blue Open Studio, \u0432\u043e\u0437\u043d\u0438\u043a\u0448\u0435\u0439 \u0438\u0437-\u0437\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Aveva, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u043b\u0438 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a EoP.\n\n\u0412\u043e \u0432\u0442\u043e\u0440\u043e\u043c \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435 Schneider \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u0432\u043b\u0438\u044f\u044e\u0449\u0443\u044e \u043d\u0430 \u041f\u041e Accutech Manager, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u043e\u0435 \u0434\u043b\u044f \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0438 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u0431\u0435\u0441\u043f\u0440\u043e\u0432\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u0442\u0447\u0438\u043a\u043e\u0432 Accutech. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u041f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u041f\u041e\u00a0Aveva\u00a0\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u043e \u0442\u0440\u0435\u0445 \u043d\u043e\u0432\u044b\u0445 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f\u0445 - \u0432\u0441\u0435 \u0441 \u0432\u044b\u0441\u043e\u043a\u0438\u043c \u0443\u0440\u043e\u0432\u043d\u0435\u043c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c DoS \u0432 SuiteLink Server, \u043e\u0448\u0438\u0431\u043a\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0438 \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u044f\u0446\u0438\u0438 \u0441 \u0444\u0430\u0439\u043b\u0430\u043c\u0438 \u0432 Aveva Reports for Operations, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u0448\u0438\u0431\u043a\u0443 SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0432 Historian Server.\n\nRockwell Automation\u00a0\u0437\u0430\u044f\u0432\u0438\u043b\u0430 \u043e \u0434\u0435\u0432\u044f\u0442\u0438 \u043d\u043e\u0432\u044b\u0445 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u0445 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 10 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0441\u043e \u0441\u0440\u0435\u0434\u043d\u0438\u043c \u0438 \u0432\u044b\u0441\u043e\u043a\u0438\u043c \u0443\u0440\u043e\u0432\u043d\u044f\u043c\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438.\u00a0\n\n\u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445 \u043e\u0448\u0438\u0431\u043a\u0438 RCE \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 AADvance \u0438 FactoryTalk, \u0430 \u0442\u0430\u043a\u0436\u0435 DoS - \u0432 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430\u0445 CompactLogix, GuardLogix, ControlLogix \u0438 Micro.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u044d\u0442\u043e\u0433\u043e Rockwell \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043e\u0448\u0438\u0431\u043a\u0443 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 DataMosaix, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0430 DLL \u0432 Emulate3D \u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0441 \u043d\u0435\u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0432 Pavilion8.", "creation_timestamp": "2024-08-14T16:00:07.000000Z"}, {"uuid": "de375d5a-4115-4b9e-af13-0dbb458dc61e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/true_secator/5396", "content": "Fortinet \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u043d\u043e\u0432\u043e\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 FortiOS SSL VPN, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\nCVE-2024-21762 (FG-IR-24-015) \u0438\u043c\u0435\u0435\u0442 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 CVSS 9,6 \u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u043f\u0438\u0441\u0438 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 \u0433\u0440\u0430\u043d\u0438\u0446 \u0432 FortiOS.\n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0438\u043b\u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u0443 \u0447\u0435\u0440\u0435\u0437 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u044b.\n\n\u0414\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0448\u0438\u0431\u043a\u0438, Fortinet \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e \u043e\u0434\u043d\u043e\u0439 \u0438\u0437 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439, \u0430 \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0435\u0441\u043b\u0438 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u0435 \u0443\u0434\u0430\u0435\u0442\u0441\u044f - \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u043c\u043e\u0436\u043d\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c, \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0432 SSL VPN \u043d\u0430 \u0441\u0432\u043e\u0438\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0441 FortiOS.\n\n\u0427\u0442\u043e \u0436\u0435 \u043a\u0430\u0441\u0430\u0435\u0442\u0441\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435, Fortinet \u043d\u0435 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439, \u0440\u0430\u0432\u043d\u043e \u0438 \u0442\u043e\u043c, \u043a\u0442\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c.\n\n\u0418\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043b\u0438\u0448\u044c \u0442\u043e, \u0447\u0442\u043e \u043e\u0434\u043d\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043d\u0430\u0440\u044f\u0434\u0443 \u0441 \u043d\u0435\u0439 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0440\u0430\u0441\u043a\u0440\u044b\u043b \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0438 \u043f\u043e \u0434\u0440\u0443\u0433\u0438\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u043c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c, \u0441\u0440\u0435\u0434\u0438 \u043a\u043e\u0442\u043e\u0440\u044b\u0445: CVE-2024-23113 (\u0440\u0435\u0439\u0442\u0438\u043d\u0433 9,8), CVE-2023-44487 \u0438 CVE-2023-47537 (\u043e\u0431\u0435 \u0441\u043e \u0441\u0440\u0435\u0434\u043d\u0438\u043c \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u043e\u043c). \u041e\u0434\u043d\u0430\u043a\u043e \u0438\u0445 \u043d\u0435 \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438 \u043a\u0430\u043a \u0440\u0435\u0430\u043b\u044c\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0435.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u0432 \u0432\u0438\u0434\u0443 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0438 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f CVE-2024-21762 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445, \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430.", "creation_timestamp": "2024-02-09T11:20:05.000000Z"}, {"uuid": "9ef14cdb-b0a7-4a9f-9446-4703eb2e4a9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/true_secator/4954", "content": "\u041d\u043e\u0432\u044b\u0439 \u043c\u0435\u0442\u043e\u0434 DDoS-\u0430\u0442\u0430\u043a\u0438 HTTP/2 Rapid Reset \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a 0-day \u0438 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u0435\u0432\u0437\u043e\u0448\u0435\u043b \u0432\u0441\u0435 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0440\u0435\u043a\u043e\u0440\u0434\u043d\u044b\u0435 \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0438 DDoS. \n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0442\u0440\u0435\u0432\u043e\u0433\u0443 \u0431\u044c\u044e\u0442 \u0442\u0430\u043a\u0438\u0435 \u043c\u0430\u0441\u0442\u043e\u0434\u043e\u043d\u0442\u044b, \u043a\u0430\u043a Amazon Web Services, Cloudflare \u0438 Google, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0436\u0435 \u0441\u0442\u043e\u043b\u043a\u043d\u0443\u043b\u0438\u0441\u044c \u0438 \u0431\u044b\u043b\u0438 \u0432\u044b\u043d\u0443\u0436\u0434\u0435\u043d\u044b \u043e\u0442\u0440\u0430\u0436\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0441\u0432\u043e\u0435\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435, \u0434\u043e\u0441\u0442\u0438\u0433\u0430\u044e\u0449\u0438\u0435 155, 201 \u0438 \u0440\u0435\u043a\u043e\u0440\u0434\u043d\u044b\u0435 398 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0432 \u0441\u0435\u043a\u0443\u043d\u0434\u0443 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e.\n\n\u0410\u0442\u0430\u043a\u0430 \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 HTTP/2 (CVE-2023-44487), \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u0435\u0439 \u043e\u0442\u043c\u0435\u043d\u044b \u043f\u043e\u0442\u043e\u043a\u0430, \u043d\u0435\u043f\u0440\u0435\u0440\u044b\u0432\u043d\u043e \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u0438 \u043e\u0442\u043c\u0435\u043d\u044f\u044f \u0437\u0430\u043f\u0440\u043e\u0441\u044b, \u0447\u0442\u043e \u043f\u0435\u0440\u0435\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 \u0438\u043b\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u0438 \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u0442 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 DoS.\n\nGoogle \u0441\u043c\u043e\u0433 \u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c\u0441\u044f \u0441 \u0430\u0442\u0430\u043a\u0430\u043c\u0438, \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e \u043a\u0430\u043a \u0434\u043e\u0431\u0430\u0432\u0438\u043b \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u043c\u043e\u0449\u043d\u043e\u0441\u0442\u044c \u043d\u0430 \u043f\u0435\u0440\u0438\u0444\u0435\u0440\u0438\u0438 \u0441\u0432\u043e\u0435\u0439 \u0441\u0435\u0442\u0438.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0449\u0438\u043a\u0438 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 HTTP/2 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0434\u043b\u044f \u0434\u043b\u0438\u043d\u043d\u044b\u0445 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0435\u0439 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.\n\nCloudflare, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043c\u044f\u0433\u0447\u0438\u043b \u0430\u0442\u0430\u043a\u0443 \u0432 \u0442\u0440\u0438 \u0440\u0430\u0437\u0430 \u0431\u043e\u043b\u044c\u0448\u0435 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0433\u043e \u0441\u0432\u043e\u0435\u0433\u043e \u0430\u043d\u0442\u0438\u0440\u0435\u043a\u043e\u0440\u0434\u0430, \u043e\u0436\u0438\u0434\u0430\u0435\u0442, \u0447\u0442\u043e HTTP/2 Rapid Reset \u0431\u0443\u0434\u0443\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u0440\u0430\u0441\u0442\u0438 \u0438 \u0443\u0441\u0438\u043b\u0438\u0432\u0430\u0442\u044c\u0441\u044f, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0435\u043f\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043e\u0441\u0432\u043e\u044f\u0442 \u043d\u043e\u0432\u044b\u0439 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c \u0438 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e \u043d\u0430\u0440\u0430\u0441\u0442\u044f\u0442 \u0441\u0432\u043e\u0438 \u0431\u043e\u0442\u043d\u0435\u0442\u044b.\n\nCloudflare \u0443\u0436\u0435 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b \u043a\u043e\u043b\u043e\u0441\u0441\u0430\u043b\u044c\u043d\u044b\u0439 \u0440\u043e\u0441\u0442 \u043e\u0431\u0440\u0430\u0449\u0435\u043d\u0438\u0439 \u0441\u0440\u0435\u0434\u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0438 \u0435\u0441\u043b\u0438 \u0432\u044b \u0443\u0432\u0438\u0434\u0435\u043b\u0438 \u043e\u0448\u0438\u0431\u043a\u0443 502 \u0432\u043c\u0435\u0441\u0442\u043e \u0436\u0435\u043b\u0430\u0435\u043c\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0435\u043d\u0442\u0430 \u0441\u0430\u0439\u0442\u0430, \u0442\u043e \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e \u044d\u0442\u043e \u0434\u0435\u043b\u043e \u0440\u0443\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432.", "creation_timestamp": "2023-10-11T19:34:48.000000Z"}, {"uuid": "a529a5bd-9fc7-4108-8ecb-17bf9749213a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/leak_db2/1220", "content": "Examples for implementing cve-2023-44487\n\nhttps://github.com/nxenon/cve-2023-44487", "creation_timestamp": "2023-11-10T10:18:59.000000Z"}, {"uuid": "a931c4b4-984d-4b0b-8cc5-8aaa0626c854", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/itarmyofukraine2022/1786", "content": "Google \u0442\u0430 Amazon \u043d\u0435\u0449\u043e\u0434\u0430\u0432\u043d\u043e \u0432\u0456\u0434\u0431\u0438\u043b\u0438 \u043d\u0430\u0439\u0431\u0456\u043b\u044c\u0448\u0443 \u0432 \u0456\u0441\u0442\u043e\u0440\u0456\u0457 DDoS-\u0430\u0442\u0430\u043a\u0443 \u0437 \u043f\u0456\u043a\u043e\u043c \u0443 398 \u043c\u0456\u043b\u044c\u0439\u043e\u043d\u0456\u0432 \u0437\u0430\u043f\u0438\u0442\u0456\u0432 \u0437\u0430 \u0441\u0435\u043a\u0443\u043d\u0434\u0443, \u0432\u0438\u043a\u043e\u0440\u0438\u0441\u0442\u043e\u0432\u0443\u044e\u0447\u0438 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u0456\u0441\u0442\u044c \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0443 HTTP/2. \u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0454\u0442\u044c\u0441\u044f \u043d\u0435\u0433\u0430\u0439\u043d\u043e \u043e\u043d\u043e\u0432\u0438\u0442\u0438 \u0432\u0441\u0456 \u0456\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u0441\u0435\u0440\u0432\u0456\u0441\u0438 \u0434\u043b\u044f \u0443\u0441\u0443\u043d\u0435\u043d\u043d\u044f \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0456 CVE-2023-44487, \u0449\u043e\u0431 \u0437\u0430\u043f\u043e\u0431\u0456\u0433\u0442\u0438 \u043f\u043e\u0434\u0456\u0431\u043d\u0438\u043c \u0437\u0430\u0433\u0440\u043e\u0437\u0430\u043c. \u041c\u0430\u0441\u0448\u0442\u0430\u0431 \u0442\u0430 \u0441\u043a\u043b\u0430\u0434\u043d\u0456\u0441\u0442\u044c \u0442\u0430\u043a\u0438\u0445 \u0430\u0442\u0430\u043a \u0441\u0442\u0440\u0456\u043c\u043a\u043e \u0437\u0440\u043e\u0441\u0442\u0430\u044e\u0442\u044c, \u0449\u043e \u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0437\u043d\u0430\u0447\u043d\u0438\u0439 \u0440\u0438\u0437\u0438\u043a \u0434\u043b\u044f \u0432\u0441\u0435\u0441\u0432\u0456\u0442\u043d\u044c\u043e\u0457 \u043e\u043d\u043b\u0430\u0439\u043d-\u0456\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0438. \u041e\u043d\u043e\u0432\u043b\u044e\u0439\u0442\u0435\u0441\u044c \u0442\u0430 \u0437\u0430\u0445\u0438\u0449\u0430\u0439\u0442\u0435 \u0441\u0432\u043e\u0457 \u0441\u0438\u0441\u0442\u0435\u043c\u0438.\n\n\u041f\u0440\u0438\u0454\u0434\u043d\u0443\u0439\u0442\u0435\u0441\u044c \u0434\u043e \u043d\u0430\u0448\u043e\u0433\u043e \u0447\u0430\u0442\u0443 \u0434\u043b\u044f \u0448\u0432\u0438\u0434\u043a\u043e\u0457 \u043a\u0456\u0431\u0435\u0440\u0434\u043e\u043f\u043e\u043c\u043e\u0433\u0438.\n--\nGoogle and Amazon recently thwarted the largest DDoS attack ever, peaking at 398 million requests per second, exploiting HTTP/2 protocol vulnerability. Urgent action is advised for all internet-facing services to patch against CVE-2023-44487 to prevent similar threats. The scale and sophistication of such attacks are rapidly growing, representing a significant risk to online infrastructure globally. Stay updated on patches and safeguard your systems.\n\nJoin our chat for quick cyberhelp.", "creation_timestamp": "2023-11-10T09:01:52.000000Z"}, {"uuid": "51d9cb49-1e6e-4eb7-bf15-7707e4fe583b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/murdernet/845", "content": "Planned Updates Regarding Upcoming BROWSER Method Soon To Be Added!\n\n+ Improved Detection Against Cloudflares HTTP DDOS & UAM Detection.\n+ Improved Detection Against Cloudflares JS Challenges.\n+ Improved Detection Against MyArena JS Challenges.\n+ Improved Detection Against vShield JS Challenges & Browser Checks.\n\n- Current Research - \n- HTTP/2 Rapid Reset Exploit (CVE-2023-44487)\n- 1:1 Browser Emulation Regarding a Mix Of HTTP/2 + HTTP/3 Versions\n\n- @bassings | Admin & Method Development", "creation_timestamp": "2024-01-08T02:22:06.000000Z"}, {"uuid": "e2326c9f-19b4-422e-897e-0cab74ae0fbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/6372", "content": "DDoS methods\n\n1. Find the target domain example.com\n\n2. Try ping to see the IP: ping domain.com\n\n3. Copy the IP address and search near iplocation.net\n\n4. Look at the IP location that points to the correct country or not.\n\n5. If the IP points to the right country, most likely the server is there and can continue the DoS attack with Hping3, LOIC, RUDY and others.\n\n6. If the IP points to a cloud such as google, aws, akamai or waf such as cloudflare, imperva and others, then it cannot be DDoS because it is not the correct IP.\n\n7. To get the correct IP, you can see his DNS records at intodns.com/  . Scroll to look at SOA, MX and CNAME records.\n\n8. Try searching each IP at iplocation.net to see if it points to the correct country or not.\n\n9. Then if it is correct, repeat step 5 earlier. If there is no IP that points to the correct server or country, then look for another target.\n\nGood luck.\n\nViva Operation Israel Hackers!\n\n#Oplsrael - #FreePalestine - #AntiZionism - #Fucklsrael - #Anonymous\n\nhttps://github.com/sp00fing/ddos/blob/main/Layer-7/XML-RPC-Pingback-C/xml\n\nhttps://github.com/MatrixTM/MHDDoS\n\nhttps://ufonet.03c8.net/\n\nhttps://github.com/R00tS3c/DDOS-RootSec\n\nhttps://github.com/LimerBoy/Impulse\n\nlatest 0day for Ddos \n\nCVE-2023-44487\n\nhttps://t.me/GrayHatsHack", "creation_timestamp": "2024-05-30T09:10:39.000000Z"}, {"uuid": "51a3ed8c-0514-4a7d-bb76-54c6a9e1c0d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/5856", "content": "\u041f\u043e\u0434 \u043a\u043e\u043d\u0435\u0446 \u043d\u0435\u0434\u0435\u043b\u0438 \u043f\u043e\u0434\u043e\u0441\u043f\u0435\u043b\u0438 PoC \u0434\u043b\u044f \u0440\u0430\u0437\u043d\u043e\u0433\u043e \u0440\u043e\u0434\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438 \u0442\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435\u043f\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0431\u0443\u0434\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u041e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e \u043a\u0438\u0431\u0435\u0440\u043f\u043e\u0434\u043f\u043e\u043b\u044c\u0435 \u0437\u0430\u0438\u043d\u0442\u0435\u0440\u0435\u0441\u0443\u0435\u0442 PoC \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 Veeam Recovery Orchestrator \u0432\u0435\u0440\u0441\u0438\u0439 7.0.0.337 \u0438 7.1.0.205 \u0438 \u0441\u0442\u0430\u0440\u0448\u0435,\u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a CVE-2024-29855 \u0441 \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u043e\u043c 9.0 \u043f\u043e CVSS v3.1.\n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0431\u0435\u0437 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0432\u043e\u0439\u0442\u0438 \u0432 \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 VRO \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\u00a0\n\n\u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u00a0\u0421\u0438\u043d\u0430 \u0425\u0435\u0439\u0440\u043a\u0445\u0430\u0445, \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u0432 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 \u043f\u043e \u044d\u0442\u043e\u043c\u0443 \u043f\u043e\u0432\u043e\u0434\u0443 \u0443 \u0441\u0435\u0431\u044f \u043d\u0430 \u0441\u0430\u0439\u0442\u0435.\n\n\u0410 \u0432\u043e\u0442 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0430\u044f Qrator Labs \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0434\u0435\u043b\u044f\u0442\u0441\u044f \u043a\u043e\u0434\u043e\u043c PoC \u0434\u043b\u044f DDoS-\u0430\u0442\u0430\u043a\u0438 HTTP/2 Rapid Reset (CVE-2023-44487).\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c CertiK SkyFall \u0412\u0430\u043d \u0422\u0438\u043b\u0435\u0439 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b PoC \u0434\u043b\u044f CVE-2024-27801, \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 NSXPC \u0432 macOS \u0438 iOS \u043e\u0442 Apple.\n\n\u041e\u043d\u0430 \u043e\u0448\u0438\u0431\u043a\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 \u0441 \u043c\u043e\u043c\u0435\u043d\u0442\u0430 \u0438\u0445 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u0434\u0435\u0441\u044f\u0442\u044c \u043b\u0435\u0442 \u043d\u0430\u0437\u0430\u0434. Apple \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043c\u0430\u0435.\n\nHorizon3 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0438 PoC \u0434\u043b\u044f CVE-2024-29824, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f SQL \u0432 Ivanti EPM.\n\n\u041f\u043e\u043a\u0430 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u043d\u0430\u043f\u0430\u0434\u0435\u043d\u0438\u0439\u00a0\u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u043f\u043e\u043a\u0430 \u043d\u0435 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u043e\u0441\u044c, \u043d\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u043a\u0430.\n\n\u0412\u044b\u0448\u043b\u043e \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0438 PoC \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0443\u0442\u0438 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 (CVE-2024\u20134956) \u0432 Sonatype Nexus. \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043c\u0430\u0435.", "creation_timestamp": "2024-06-14T14:23:44.000000Z"}, {"uuid": "e56efba5-ad4a-4fcb-954e-de297a9b92ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/cibsecurity/72761", "content": "\u203c CVE-2023-45802 \u203c\n\nWhen a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that.This was found by the reporter during testing of\u00c2\u00a0CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During \"normal\" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out.Users are recommended to upgrade to version 2.4.58, which fixes the issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-23T12:37:26.000000Z"}, {"uuid": "9d25ac88-488a-4903-9f5e-c6848f99ffed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/182482", "content": "https://ift.tt/qvKHu9Q\nCVE-2023-44487 | Oracle PeopleSoft Enterprise PeopleTools 8.59/8.60/8.61 Open Search/Elastic Search denial of service", "creation_timestamp": "2024-02-10T09:07:07.000000Z"}, {"uuid": "0356f86f-8337-4d39-b26f-6b662d16c6ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180905", "content": "https://ift.tt/Op3gNPZ\nCVE-2023-44487 | Oracle Communications Cloud Native Core Network Slice Selection Function Install/Upgrade denial of service", "creation_timestamp": "2024-02-07T19:16:39.000000Z"}, {"uuid": "4ceebc03-e3de-413d-bc83-ce2469fdb92d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/182507", "content": "https://ift.tt/nThfJup\nCVE-2023-44487 | Oracle Agile PLM 9.3.6 Security denial of service", "creation_timestamp": "2024-02-10T10:11:50.000000Z"}, {"uuid": "4691519f-64e8-469b-8c5f-a2b0572b13b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/182505", "content": "https://ift.tt/5BxFi3z\nCVE-2023-44487 | Oracle Siebel CRM Prior to 23.12 EAI /UI denial of service", "creation_timestamp": "2024-02-10T10:11:47.000000Z"}, {"uuid": "0d94470c-d78f-4996-a0c2-61639bd5021d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/182500", "content": "https://ift.tt/KnMuxdG\nCVE-2023-44487 | Oracle Retail EFTLink 20.0.1/21.0.0/23.0.0 Install denial of service", "creation_timestamp": "2024-02-10T09:41:19.000000Z"}, {"uuid": "e71e50f1-c7fe-47fe-a403-09b3183b4eee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/181027", "content": "https://ift.tt/42PWznR\nCVE-2023-44487 | Oracle Communications Network Analytics Data Director 23.2.0.0.2/23.3.0.0.0 Third Party denial of service", "creation_timestamp": "2024-02-07T23:16:39.000000Z"}, {"uuid": "0acdbbb1-21a5-441c-b420-63811b96bdaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/181012", "content": "https://ift.tt/hbV45Sv\nCVE-2023-44487 | Oracle Communications Network Analytics Data Director 23.2.0.0.2/23.3.0.0.0 Install/Upgrade denial of service", "creation_timestamp": "2024-02-07T22:46:58.000000Z"}, {"uuid": "1086b715-9ee2-4673-a47e-b3e4b68eb982", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180904", "content": "https://ift.tt/bx67J2v\nCVE-2023-44487 | Oracle Communications Cloud Native Core Network Slice Selection Function Install/Upgrade denial of service", "creation_timestamp": "2024-02-07T19:16:38.000000Z"}, {"uuid": "a4b8c242-eecd-44c1-81e2-af768a05d612", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180900", "content": "https://ift.tt/oDOMV6b\nCVE-2023-44487 | Oracle Communications Cloud Native Core Network Repository Function Install/Upgrade denial of service", "creation_timestamp": "2024-02-07T18:46:58.000000Z"}, {"uuid": "8efc2d00-e78a-4fec-821b-b13f2569efec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180612", "content": "https://ift.tt/3yP4TG5\nCVE-2023-44487 | Oracle Communications Service Catalog and Design 7.4.0.7.0/7.4.1.5.0/7.4.2.8.0 PSR Designer denial of service", "creation_timestamp": "2024-02-07T10:36:06.000000Z"}, {"uuid": "4d66f369-4781-4bff-9ac6-fa88f85976f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180601", "content": "https://ift.tt/3gCWPS4\nCVE-2023-44487 | Oracle Communications Network Charging and Control 12.0.6.0.0/15.0.0.0.0 Common Functions denial of service", "creation_timestamp": "2024-02-07T10:06:44.000000Z"}, {"uuid": "3a4920d6-9e9a-46b3-ba84-5c17e55f64fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180866", "content": "https://ift.tt/FL3ZnTh\nCVE-2023-44487 | Oracle Communications Cloud Native Core Network Repository Function Install/Upgrade denial of service", "creation_timestamp": "2024-02-07T18:12:07.000000Z"}, {"uuid": "6b1865be-58ad-4dc6-8c2b-5ba098cffe19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180604", "content": "https://ift.tt/qSTR35Y\nCVE-2023-44487 | Oracle Communications Pricing Design Center up to 12.0.0.8.0/15.0.0.0.0 REST Services Manager denial of service", "creation_timestamp": "2024-02-07T10:06:47.000000Z"}, {"uuid": "d8eaafc5-3608-4dd7-8da6-57e3c6429444", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180421", "content": "https://ift.tt/T6YSsq3\nCVE-2023-44487 | Oracle Commerce Guided Search 11.3.2 Workbench denial of service", "creation_timestamp": "2024-02-06T23:51:55.000000Z"}, {"uuid": "3d080066-833c-4290-91ee-2cf043caa104", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/181856", "content": "https://ift.tt/zgbHkZO\nCVE-2023-44487 | Oracle Managed File Transfer 12.2.1.4.0 Runtime Server denial of service", "creation_timestamp": "2024-02-09T08:21:44.000000Z"}, {"uuid": "059727ac-4173-49d5-9b9a-3fe78a30f632", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180592", "content": "https://ift.tt/o7dctMn\nCVE-2023-44487 | Oracle Communications Messaging Server 8.1.0.24.0 Security denial of service", "creation_timestamp": "2024-02-07T09:37:02.000000Z"}, {"uuid": "20e62728-d8f9-4410-bafd-319aea961435", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180590", "content": "https://ift.tt/flMyRzj\nCVE-2023-44487 | Oracle Communications Convergent Charging Controller 12.0.6.0.0/15.0.0.0.0 Common Functions denial of service", "creation_timestamp": "2024-02-07T09:37:00.000000Z"}, {"uuid": "9953c906-f4aa-4d8c-a58d-dd971284f923", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180611", "content": "https://ift.tt/6JX7Upk\nCVE-2023-44487 | Oracle Communications Service Catalog and Design 7.4.0.7.0/7.4.1.5.0/7.4.2.8.0 PSR Designer denial of service", "creation_timestamp": "2024-02-07T10:36:05.000000Z"}, {"uuid": "03708f38-35fc-4a71-9c5c-f0936908d456", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180996", "content": "https://ift.tt/0d8Fi2J\nCVE-2023-44487 | Oracle Communications Network Analytics Data Director 23.2.0.0.2/23.3.0.0.0 General denial of service", "creation_timestamp": "2024-02-07T22:22:03.000000Z"}, {"uuid": "b95411a6-3891-48a7-8e8b-8de19642d3b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180950", "content": "https://ift.tt/e7KtSY3\nCVE-2023-44487 | Oracle Communications Cloud Native Core Unified Data Repository Signaling denial of service", "creation_timestamp": "2024-02-07T20:46:46.000000Z"}, {"uuid": "e37a6013-f575-4520-9853-7d1a5e36428c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180949", "content": "https://ift.tt/GMYTdj1\nCVE-2023-44487 | Oracle Communications Cloud Native Core Unified Data Repository Signaling denial of service", "creation_timestamp": "2024-02-07T20:46:45.000000Z"}, {"uuid": "2402ce1f-2f42-4805-89fa-123cf6bd5729", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180937", "content": "https://ift.tt/kybjTBe\nCVE-2023-44487 | Oracle Communications Cloud Native Core Unified Data Repository Signaling denial of service", "creation_timestamp": "2024-02-07T20:16:20.000000Z"}, {"uuid": "ce09d0ab-53ce-42af-b40f-6f0ced18525a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/180928", "content": "https://ift.tt/ln0UfXB\nCVE-2023-44487 | Oracle Communications Cloud Native Core Security Edge Protection Proxy Signaling denial of service", "creation_timestamp": "2024-02-07T19:46:29.000000Z"}, {"uuid": "191c7388-5fef-4c90-916f-83877faa0547", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/181854", "content": "https://ift.tt/3VJD2Rl\nCVE-2023-44487 | Oracle Coherence 12.2.1.4.0/14.1.1.0.0 Third Party denial of service", "creation_timestamp": "2024-02-09T08:21:42.000000Z"}, {"uuid": "782868d8-14d1-4477-835b-2bab3d875559", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/182067", "content": "https://ift.tt/gRroveA\nCVE-2023-44487 | Oracle GraalVM for JDK Oracle GraalVM for JDK 21.0.1 Node denial of service", "creation_timestamp": "2024-02-09T15:26:56.000000Z"}, {"uuid": "5d333a4c-0f21-436c-b511-d74d59980251", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/ctinow/181836", "content": "https://ift.tt/9T8OmJH\nCVE-2023-44487 | Oracle Coherence 12.2.1.4.0/14.1.1.0.0 Third Party denial of service", "creation_timestamp": "2024-02-09T07:51:31.000000Z"}, {"uuid": "5d6fd16a-845a-4360-b427-01ffa086d24b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/HackerOne/3592", "content": "HTTP/2 Rapid Reset Attack ( cve-2023-44487 )\n\nConcept of the attack in code:\nHttps://github.com/nxenon/cve-2023-44487\n\n\n#dos #ddos #http2 #cve_2023_44487", "creation_timestamp": "2023-11-11T19:33:13.000000Z"}, {"uuid": "3e8f7958-dd34-4307-a45a-8ff0fdb9b9e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/cibsecurity/71988", "content": "\ud83d\udd74 Internet-Wide Zero-Day Bug Fuels Largest-Ever DDoS Event \ud83d\udd74\n\nOngoing Rapid Reset DDoS flood attacks exposed organizations need to patch CVE-2023-44487 immediately to head off crippling outages and business disruption.\n\n\ud83d\udcd6 Read\n\nvia \"Dark Reading\".", "creation_timestamp": "2023-10-10T21:52:06.000000Z"}, {"uuid": "b06c5733-e49c-4027-9ff2-22b5e32bbb4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/cibsecurity/71948", "content": "\u203c CVE-2023-44487 \u203c\n\nThe HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-10T18:16:48.000000Z"}, {"uuid": "2c274e6b-7706-43b2-9bc1-04fdf3857cea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/SecLabNews/14399", "content": "Rapid Reset: \u043d\u043e\u0432\u0430\u044f \u0443\u0433\u0440\u043e\u0437\u0430 \u0434\u043b\u044f HTTP/2, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043e\u0442\u043c\u0435\u043d\u0443 \u043f\u043e\u0442\u043e\u043a\u0430 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0433\u0438\u0433\u0430\u043d\u0442\u0441\u043a\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430\n\n\u2796 AWS, Cloudflare \u0438 Google \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u0438 \u0430\u0442\u0430\u043a Rapid Reset, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0434\u043e\u0441\u0442\u0438\u0433\u0430\u043b\u0438 \u0434\u043e 398 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0432 \u0441\u0435\u043a\u0443\u043d\u0434\u0443.\n\n\u2796 \u0410\u0442\u0430\u043a\u0438 Rapid Reset \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 zero-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-44487 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 HTTP/2, \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u0435\u0439 \u043e\u0442\u043c\u0435\u043d\u044b \u043f\u043e\u0442\u043e\u043a\u0430.\n\n\u2796 \u0414\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u0430\u0442\u0430\u043a Rapid Reset \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0432\u0441\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 HTTP-\u0430\u0442\u0430\u043a \u0438 \u0443\u0441\u0438\u043b\u0438\u0432\u0430\u0442\u044c \u0441\u0432\u043e\u044e \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0441\u0442\u044c \u043a DDoS \u0440\u0430\u0437\u043d\u043e\u043e\u0431\u0440\u0430\u0437\u043d\u044b\u043c\u0438 \u043c\u0435\u0442\u043e\u0434\u0430\u043c\u0438.\n\n#DDoS #HTTP2 #RapidReset @SecLabNews", "creation_timestamp": "2023-10-11T07:34:31.000000Z"}, {"uuid": "974b2a25-a356-486d-b49f-fabc5cff4fe0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/thehackernews/3990", "content": "\u26a1 Beware of the HTTP/2 Rapid Reset attack! \n \nA novel zero-day flaw is being exploited to launch record-breaking distributed DDoS attacks. \n \nFind out more here: https://thehackernews.com/2023/10/http2-rapid-reset-zero-day.html \n \nLearn how AWS, Cloudflare, and Google are addressing CVE-2023-44487.", "creation_timestamp": "2023-10-10T17:26:45.000000Z"}, {"uuid": "9487f7b1-95ff-4212-ba9a-92a3d3a598c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/S_E_Reborn/4142", "content": "\u041d\u043e\u0432\u044b\u0439 \u043c\u0435\u0442\u043e\u0434 DDoS-\u0430\u0442\u0430\u043a\u0438 HTTP/2 Rapid Reset \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a 0-day \u0438 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u0435\u0432\u0437\u043e\u0448\u0435\u043b \u0432\u0441\u0435 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0440\u0435\u043a\u043e\u0440\u0434\u043d\u044b\u0435 \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0438 DDoS. \n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0442\u0440\u0435\u0432\u043e\u0433\u0443 \u0431\u044c\u044e\u0442 \u0442\u0430\u043a\u0438\u0435 \u043c\u0430\u0441\u0442\u043e\u0434\u043e\u043d\u0442\u044b, \u043a\u0430\u043a Amazon Web Services, Cloudflare \u0438 Google, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0436\u0435 \u0441\u0442\u043e\u043b\u043a\u043d\u0443\u043b\u0438\u0441\u044c \u0438 \u0431\u044b\u043b\u0438 \u0432\u044b\u043d\u0443\u0436\u0434\u0435\u043d\u044b \u043e\u0442\u0440\u0430\u0436\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0441\u0432\u043e\u0435\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435, \u0434\u043e\u0441\u0442\u0438\u0433\u0430\u044e\u0449\u0438\u0435 155, 201 \u0438 \u0440\u0435\u043a\u043e\u0440\u0434\u043d\u044b\u0435 398 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0432 \u0441\u0435\u043a\u0443\u043d\u0434\u0443 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e.\n\n\u0410\u0442\u0430\u043a\u0430 \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 HTTP/2 (CVE-2023-44487), \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u0435\u0439 \u043e\u0442\u043c\u0435\u043d\u044b \u043f\u043e\u0442\u043e\u043a\u0430, \u043d\u0435\u043f\u0440\u0435\u0440\u044b\u0432\u043d\u043e \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u0438 \u043e\u0442\u043c\u0435\u043d\u044f\u044f \u0437\u0430\u043f\u0440\u043e\u0441\u044b, \u0447\u0442\u043e \u043f\u0435\u0440\u0435\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 \u0438\u043b\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u0438 \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u0442 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 DoS.\n\nGoogle \u0441\u043c\u043e\u0433 \u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c\u0441\u044f \u0441 \u0430\u0442\u0430\u043a\u0430\u043c\u0438, \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e \u043a\u0430\u043a \u0434\u043e\u0431\u0430\u0432\u0438\u043b \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u043c\u043e\u0449\u043d\u043e\u0441\u0442\u044c \u043d\u0430 \u043f\u0435\u0440\u0438\u0444\u0435\u0440\u0438\u0438 \u0441\u0432\u043e\u0435\u0439 \u0441\u0435\u0442\u0438.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0449\u0438\u043a\u0438 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 HTTP/2 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0434\u043b\u044f \u0434\u043b\u0438\u043d\u043d\u044b\u0445 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0435\u0439 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.\n\nCloudflare, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043c\u044f\u0433\u0447\u0438\u043b \u0430\u0442\u0430\u043a\u0443 \u0432 \u0442\u0440\u0438 \u0440\u0430\u0437\u0430 \u0431\u043e\u043b\u044c\u0448\u0435 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0433\u043e \u0441\u0432\u043e\u0435\u0433\u043e \u0430\u043d\u0442\u0438\u0440\u0435\u043a\u043e\u0440\u0434\u0430, \u043e\u0436\u0438\u0434\u0430\u0435\u0442, \u0447\u0442\u043e HTTP/2 Rapid Reset \u0431\u0443\u0434\u0443\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u0440\u0430\u0441\u0442\u0438 \u0438 \u0443\u0441\u0438\u043b\u0438\u0432\u0430\u0442\u044c\u0441\u044f, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0435\u043f\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043e\u0441\u0432\u043e\u044f\u0442 \u043d\u043e\u0432\u044b\u0439 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c \u0438 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e \u043d\u0430\u0440\u0430\u0441\u0442\u044f\u0442 \u0441\u0432\u043e\u0438 \u0431\u043e\u0442\u043d\u0435\u0442\u044b.\n\nCloudflare \u0443\u0436\u0435 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b \u043a\u043e\u043b\u043e\u0441\u0441\u0430\u043b\u044c\u043d\u044b\u0439 \u0440\u043e\u0441\u0442 \u043e\u0431\u0440\u0430\u0449\u0435\u043d\u0438\u0439 \u0441\u0440\u0435\u0434\u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0438 \u0435\u0441\u043b\u0438 \u0432\u044b \u0443\u0432\u0438\u0434\u0435\u043b\u0438 \u043e\u0448\u0438\u0431\u043a\u0443 502 \u0432\u043c\u0435\u0441\u0442\u043e \u0436\u0435\u043b\u0430\u0435\u043c\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0435\u043d\u0442\u0430 \u0441\u0430\u0439\u0442\u0430, \u0442\u043e \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e \u044d\u0442\u043e \u0434\u0435\u043b\u043e \u0440\u0443\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432.", "creation_timestamp": "2023-10-11T19:35:56.000000Z"}, {"uuid": "d77766d0-2882-44f0-aa85-160715c44e6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "exploited", "source": "https://t.me/GhostClanInt/24479", "content": "DDoS methods\n\n1. Find the target domain example.com\n\n2. Try ping to see the IP: ping domain.com\n\n3. Copy the IP address and search near iplocation.net\n\n4. Look at the IP location that points to the correct country or not.\n\n5. If the IP points to the right country, most likely the server is there and can continue the DoS attack with Hping3, LOIC, RUDY and others.\n\n6. If the IP points to a cloud such as google, aws, akamai or waf such as cloudflare, imperva and others, then it cannot be DDoS because it is not the correct IP.\n\n7. To get the correct IP, you can see his DNS records at intodns.com/  . Scroll to look at SOA, MX and CNAME records.\n\n8. Try searching each IP at iplocation.net to see if it points to the correct country or not.\n\n9. Then if it is correct, repeat step 5 earlier. If there is no IP that points to the correct server or country, then look for another target.\n\nGood luck.\n\nViva Operation Israel Hackers!\n\n#Oplsrael - #FreePalestine - #AntiZionism - #Fucklsrael - #Anonymous\n\nhttps://github.com/sp00fing/ddos/blob/main/Layer-7/XML-RPC-Pingback-C/xml\n\nhttps://github.com/MatrixTM/MHDDoS\n\nhttps://ufonet.03c8.net/\n\nhttps://github.com/R00tS3c/DDOS-RootSec\n\nhttps://github.com/LimerBoy/Impulse\n\nlatest 0day for Ddos \n\nCVE-2023-44487\n\nGHOSTS of Palestine \ud83c\uddf5\ud83c\uddf8", "creation_timestamp": "2024-02-08T13:15:25.000000Z"}, {"uuid": "9950f4cd-810b-4c2f-ae68-98cf72b59cf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/9181", "content": "#Threat_Research\n1. A Risk-Based Prioritization Taxonomy for prioritizing CVEs\nhttps://github.com/theparanoids/PrioritizedRiskRemediation\n2. HTTP/2 \"Rapid Reset\" DDoS attack (CVE-2023-44487)\nhttps://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack\n]-> https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487", "creation_timestamp": "2023-10-12T11:00:38.000000Z"}, {"uuid": "66c85130-39c6-4d49-ba39-ea7e3165e4be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/SaturnSpark/3441", "content": "NEWS:\n+NEW METHOD \n-RAPIDRST\nBYPASS HTTPDDOS\n_\n+exploits:\nCVE-2016-6581, \nCVE-2019-9512, CVE-2023-44487\n__\nbest regards \n@strstring", "creation_timestamp": "2024-02-26T16:31:09.000000Z"}, {"uuid": "a04e650a-5f3a-4552-ae4a-66b17970fe9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/Rootsec_2/1333", "content": "#Threat_Research\n1. A Risk-Based Prioritization Taxonomy for prioritizing CVEs\nhttps://github.com/theparanoids/PrioritizedRiskRemediation\n2. HTTP/2 \"Rapid Reset\" DDoS attack (CVE-2023-44487)\nhttps://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack\n]-> https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487", "creation_timestamp": "2024-08-16T08:33:54.000000Z"}, {"uuid": "884af9ce-4966-4303-ab10-e6fbcedc845f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9183", "content": "#tools\n#Blue_Team_Techniques\n1. Basic vulnerability scanning to see if web servers may be vulnerable to CVE-2023-44487\nhttps://github.com/bcdannyboy/CVE-2023-44487\n2. An Algorithm to Detect Hosting Providers/IP Ranges\nhttps://ipapi.is/blog/detecting-hosting-providers.html\n3. Tool for MSSQL relay audit and abuse\nhttps://github.com/CompassSecurity/mssqlrelay\n]-> https://blog.compass-security.com/2023/10/relaying-ntlm-to-mssql", "creation_timestamp": "2023-10-12T11:00:38.000000Z"}, {"uuid": "29f3ef6c-aa57-40d6-8a48-819efed68b4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11806", "content": "#exploit\n1. CVE-2025-0108:\nNginx/Apache Path Confusion to Auth Bypass in PAN-OS\nhttps://slcyber.io/blog/nginx-apache-path-confusion-to-auth-bypass-in-pan-os\n\n2. CVE-2024-42009:\nStored XSS in Roundcube Webmail\nhttps://github.com/0xbassiouny1337/CVE-2024-42009\n\n3. CVE-2022-41741, CVE-2022-41742, CVE-2023-44487 Check Script:\nhttps://github.com/moften/CVE-2022-4174_CVE-2022-41742", "creation_timestamp": "2025-02-13T14:50:07.000000Z"}, {"uuid": "a37763d9-18c1-4946-b075-2afab51d4d0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1335", "content": "#tools\n#Blue_Team_Techniques\n1. Basic vulnerability scanning to see if web servers may be vulnerable to CVE-2023-44487\nhttps://github.com/bcdannyboy/CVE-2023-44487\n2. An Algorithm to Detect Hosting Providers/IP Ranges\nhttps://ipapi.is/blog/detecting-hosting-providers.html\n3. Tool for MSSQL relay audit and abuse\nhttps://github.com/CompassSecurity/mssqlrelay\n]-> https://blog.compass-security.com/2023/10/relaying-ntlm-to-mssql", "creation_timestamp": "2024-08-16T08:33:54.000000Z"}, {"uuid": "0021d796-5f6d-4036-afaa-6f1565f865d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "Telegram/bDRsekGT6KsUOKSAQI-KSXDhypQzzgL-gjqbTcCXe2h_h6A", "content": "", "creation_timestamp": "2026-05-15T21:00:05.000000Z"}, {"uuid": "89961d3b-97e7-4e45-a9cc-bd1d3149ed5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "seen", "source": "https://t.me/kasraone_com/558", "content": "\u0627\u0628\u0632\u0627\u0631\u0647\u0627\u06cc \u062a\u06a9\u0646\u06cc\u06a9 \u0647\u0627\u06cc \u062a\u06cc\u0645 \u0622\u0628\u06cc \ud83d\udc99\n\nGit Hub \ud83d\udc08\n\n1. \u0627\u0633\u06a9\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0627\u0633\u0627\u0633\u06cc \u0628\u0631\u0627\u06cc \u062f\u06cc\u062f\u0646 \u0627\u06cc\u0646\u06a9\u0647 \u0622\u06cc\u0627 \u0633\u0631\u0648\u0631\u0647\u0627\u06cc \u0648\u0628 \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u062f\u0631 \u0628\u0631\u0627\u0628\u0631 CVE-2023-44487 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u0628\u0627\u0634\u0646\u062f\nhttps://github.com/bcdannyboy/CVE-2023-44487\n\n2. \u06cc\u06a9 \u0627\u0644\u06af\u0648\u0631\u06cc\u062a\u0645 \u0628\u0631\u0627\u06cc \u062a\u0634\u062e\u06cc\u0635 \u0627\u0631\u0627\u0626\u0647 \u062f\u0647\u0646\u062f\u06af\u0627\u0646 \u0645\u06cc\u0632\u0628\u0627\u0646\u06cc / \u0645\u062d\u062f\u0648\u062f\u0647 \u0647\u0627\u06cc IP\nhttps://ipapi.is/blog/detectin-hosting-providers.html\n\n3. \u0627\u0628\u0632\u0627\u0631 \u062d\u0633\u0627\u0628\u0631\u0633\u06cc \u0648 \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0631\u0644\u0647 MSSQL\n\nhttps://github.com/CompassSecurity/mssqlrelay\nhttps://blog.compass-security.com/2023/10/relaying-ntlm-to-mssql\n\n\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \u2661 \u2800\u2800 \u3007\u2800\u00a0 \u2800 \u2399\u2800\u200c \u200c \u2332\u2063 \n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \u02e1\u2071\u1d4f\u1d49\u00a0 \u1d9c\u1d52\u1d50\u1d50\u1d49\u207f\u1d57\u00a0 \u02e2\u1d43\u1d5b\u1d49\u00a0 \u02e2\u02b0\u1d43\u02b3\u1d49\n\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 K1\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 kasraone", "creation_timestamp": "2023-10-17T07:21:58.000000Z"}, {"uuid": "7d438f11-9f8a-4bdd-9bae-288741b72e3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44487", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1360", "content": "https://github.com/imabee101/CVE-2023-44487\n\nPERFORM ATTACKS AT YOUR OWN RISK, THIS IS JUST A INFORMATIONAL, I AM NOT RESPONSIBLE FOR ILLEGAL ACTIVITY", "creation_timestamp": "2024-08-16T08:33:56.000000Z"}]}