DoS Vulnerability Apache HTTP requests

On July 1, 2009, in apache, DOS, HTTP, requests, Vulnerability, by Dipin Krishna

Recently published a pretty big vulnerability for Apache 1.x and 2.x pass Squid. The vulnerability is Intentionally incomplete HTTP requests and this makes the server open a connection waiting for a header. This would be the header that is sent to the server:GET / HTTP/1.1\r\nHost: host\r\nUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET […]

 

Search