BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
a cheesy Apache / IIS DoS vuln (+a question) Jan 03 2007 11:27PM
Michal Zalewski (lcamtuf dione ids pl)
I feel silly for reporting this, but I couldn't help but notice that
Apache and IIS both have a bizarro implementation of HTTP/1.1 "Range"
header functionality (as defined by RFC 2616). Their implementations allow
the same fragment of a file to be requested an arbitrary number of times,
and each red...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus