Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Re: a cheesy Apache / IIS DoS vuln (+a question)
Jan 05 2007 07:11AM
Gadi Evron (ge linuxbox org)
On Wed, 3 Jan 2007, William A. Rowe, Jr. wrote:
> Michal Zalewski wrote:
> > I feel silly for reporting this, but I couldn't help but notice that
> > Apache and IIS both have a bizarro implementation of HTTP/1.1 "Range"
> > header functionality (as defined by RFC 2616). Their implementations allow
[ more ]
Copyright 2010, SecurityFocus