VIDEO: Web servers running on HTTP/2 found with multiple denial-of-service vulnerabilities
In an analysis of five separate manufacturers' web servers running on the new HTTP/2 protocol, cybersecurity firm Imperva found that all five were vulnerable to at least one of four high-profile denial-of-service vulnerabilities. The company announced its findings at Black Hat, where SCMagazine.com caught up with Imperva's director of security research Itsik Mantin.
According to Mantin, it's not uncommon for technology manufacturers to experience some bumps in the road while adopting brand new protocols, but such unfortunate developments must not deter their progress.
Imperva's researchers studied server implementations from Apache,