httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 51603] Apache accepts completely bogus HTTP requests (possible security hole)
Date Wed, 03 Aug 2011 19:32:59 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=51603

--- Comment #4 from Mikael Lyngvig <mikael@lyngvig.org> 2011-08-03 19:32:59 UTC ---
I have checked the file sizes against the known website files and it appears
that Apache returns the root item (GET /), in my case index.php, to the client.
 So no security issue, just weird behavior.  I guess Apache should reject all
malformed HTTP requests rather than returning the root item.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message