Blason_R
Leader

HTTP/2 CONTINUATION Flood - Apache Servers are vulnerable

Hi team,

The "CONTINUATION Flood" vulnerability has been recently disclosed on a webserver that supports HTTP/2.0. After conducting a swift verification, it appears that all the Apache server versions used by Check Point are affected by this vulnerability. However, upon verifying the multiportals on R81.10 at least, it was found that it does not support HTTP/2.0, ensuring our safety in this regard.

Since I do not have R81.20, can anyone confirm? Or can someone from Check Point staff confirm?

This is from R81.10

/web/cpshared/web/Apache/2.2.0/bin/httpd2 -v
Server version: CPWS/2.4.55 (Unix)
Server built: Apr 4 2023 13:08:25

https://nowotarski.info/http2-continuation-flood/

https://www.bleepingcomputer.com/news/security/new-http-2-dos-attack-can-crash-web-servers-with-a-si...

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
4 Replies
G_W_Albrecht
Legend

# ver
Product version Check Point Gaia R81.20
OS build 627
OS kernel version 3.10.0-1160.15.2cpx86_64
OS edition 64-bit
[Expert]# /web/cpshared/web/Apache/2.2.0/bin/httpd2 -v
Server version: CPWS/2.4.55 (Unix)
Server built: Mar 5 2024 22:51:39
CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Blason_R
Leader

OK, so R81.20 is one of the affected versions as well.

Does it support HTTP/2.0? This can be found from Chrome -> Developer Tools

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
0 Kudos
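
A scripted alternative to the browser check asked about above, added here as an example and not written by any poster or by Check Point: it reports whether a listener negotiates HTTP/2 through TLS ALPN (`h2`) or accepts a cleartext `h2c` upgrade. The function names and default ports are assumptions.

```python
import base64
import socket
import ssl
import sys

def alpn_protocol(host, port=443, timeout=5.0):
    """Return the ALPN protocol the server selects ('h2', 'http/1.1') or None."""
    ctx = ssl.create_default_context()
    # Appliance portals often present self-signed certificates. The probe only
    # reads the negotiated protocol and sends no data, so verification is off.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    ctx.set_alpn_protocols(["h2", "http/1.1"])
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return tls.selected_alpn_protocol()
    except OSError:  # includes ssl.SSLError, timeouts and refused connections
        return None

def h2c_upgrade_accepted(host, port=80, timeout=5.0):
    """True if a cleartext listener answers an h2c Upgrade request with 101."""
    # HTTP2-Settings carries a base64url SETTINGS payload; this one sets
    # MAX_CONCURRENT_STREAMS (id 3) to 100.
    settings = base64.urlsafe_b64encode(b"\x00\x03\x00\x00\x00\x64").decode()
    request = (
        f"GET / HTTP/1.1\r\nHost: {host}\r\n"
        "Connection: Upgrade, HTTP2-Settings\r\n"
        f"Upgrade: h2c\r\nHTTP2-Settings: {settings}\r\n\r\n"
    ).encode("ascii")
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(request)
            status_line = s.makefile("rb").readline().decode("latin-1")
    except OSError:
        return False
    parts = status_line.split()
    return len(parts) >= 2 and parts[1] == "101"

def supports_http2(host, tls_port=443, clear_port=None):
    """One verdict per host: h2 over TLS, or h2c on an optional cleartext port."""
    if alpn_protocol(host, tls_port) == "h2":
        return True
    return clear_port is not None and h2c_upgrade_accepted(host, clear_port)

if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "localhost"
    print(target, "ALPN:", alpn_protocol(target), "h2c:", h2c_upgrade_accepted(target))
```

A result of `http/1.1` or `None` from `alpn_protocol` together with `False` from `h2c_upgrade_accepted` means the listener did not offer HTTP/2 on the ports probed.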
G_W_Albrecht
Legend

https://support.checkpoint.com/results/sk/sk180257

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Blason_R
Leader

That is great, so we are safe here.

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
0 Kudos