1

I have website running on node.js & express server. I get to know that website have the following vulnerability.

A remote attacker can send specially crafted HTTP request and force it to make logging statements on wrong connection for certain traffic edge patterns. This results in concurrent use of memory pools for separate connections and triggers the impact.

It is interval of HTTP header exploit that create overflow into the server process to overwrite part of the stack to rewind the request handling by overwriting bytes of the next operations.

Once this is crafted accordingly towards exposed endpoint; the environment will be malfunctioned.

I have googled about this vulnerability and get to know that it is because of vulnerable Apache HTTP Server version. But my website is running on nginx, not on apache.

I have forwarded my application port to 80 from 3000 using nginx.

For a security, website also have cloudflare setup.

How can I mitigate this vulnerability?

Meet Siraja
  • 173
  • 1
  • 10

1 Answers1

1

First, the CVE clearly says that that

  1. affected software: Apache HTTPd
  2. Version: 2.4.20 to 2.4.43
  3. Has to have the trace/debug enabled.

So, it doesn't matter if the backend is Node.js or something else. And also you are using nginx not Apache HTTP so it doesn't matter to you. But if you used apache then just upgrading to >2.4.43 would solve the issue. Apache httpd 2.4.46 released in 2020 so it makes sense to upgrade apache IF you are using it.

Aritra Chakraborty
  • 12,123
  • 3
  • 26
  • 35
  • Thanks for your help Aritra. Apache is not even installed in my server. I have checked that. CVE number might be different. I have just said number which comes first in a result by searching text. Do you have idea about same vulnerability for nginx? – Meet Siraja Apr 01 '21 at 14:25