Diamond Member ThaHaka 0 Posted Friday at 11:47 AM Diamond Member Share Posted Friday at 11:47 AM This is the hidden content, please Sign In or Sign Up A single wrong variable on one line in XQUIC, Alibaba's QUIC and HTTP/3 library, lets any remote client ****** the server with a short burst of completely legal traffic. There is no patch. FoxIO researcher Sébastien Féry disclosed the flaw on July 8 and nicknamed it XRING. He says it needs no login and no malformed packets: about 260 bytes of ordinary QPACK traffic takes the server This is the hidden content, please Sign In or Sign Up 0 Quote Link to comment https://hopzone.eu/forums/topic/321068-h4ckn3wsunpatched-xring-flaw-in-xquic-lets-remote-clients-crash-http3-servers/ Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.