BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Re: a cheesy Apache / IIS DoS vuln (+a question) Jan 04 2007 05:35AM
William A. Rowe, Jr. (wrowe rowe-clan net)
Michal Zalewski wrote:
> I feel silly for reporting this, but I couldn't help but notice that
> Apache and IIS both have a bizarro implementation of HTTP/1.1 "Range"
> header functionality (as defined by RFC 2616). Their implementations allow
> the same fragment of a file to be requested an arbitrar...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus