Gregarius » BetaNews.Com » HTTP/2 has four huge security vulnerabilities

Canaux

108413 éléments (108413 non lus) dans 10 canaux

Actualités (48730 non lus)

• 01net. Actualités (48730 non lus)

Hoax (65 non lus)

• Top dix quotidien Sophos des canulars (65 non lus)

Logiciels (39066 non lus)

• BetaNews.Com (34382 non lus)
• Presence PC - Actualité Logiciels, jeux vidéos (3551 non lus)
• LeMondeInformatique.fr : Actualités Applications (1133 non lus)

Sécurité (1668 non lus)

• Actualités Sécurité Informatique (406 non lus)
• Les Nouvelles.net : sécurité informatique. (1262 non lus)

Referencement (18884 non lus)

• Secrets2moteurs (11765 non lus)
• Referencement Google WebRankInfo (2255 non lus)
• Abondance (4864 non lus)

BetaNews.Com

• 

  HTTP/2 has four huge security vulnerabilities

  Publié: août 4, 2016, 11:57am CEST par Mark Wilson

  The HTTP/2 standard was approved some time ago, but it is yet to be widely adopted. Before the standard can become widespread, however, there are four serious vulnerabilities that need to be addressed. The high-profile issues were revealed at Black Hat USA 2016 by Imperva researchers. They found that exploits similar to those that work on HTTP/1.x also work on the HTTP/2 protocol. The problems specifically affect server implementations from Apache, Microsoft, NGINX, Jetty, and nghttp2, but it is likely that other implementations are also at risk. Despite the fact that HTTP/2 has only been implemented on under 10 percent… [Continue Reading]