httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jim Jagielski <...@jaguNET.com>
Subject Re: HTTP Spoofing
Date Fri, 01 Jul 2005 12:05:22 GMT
I have not been able to recreate the problem with 1.3

William A. Rowe, Jr. wrote:
> 
> 1.3 proxy doesn't accept T-E:chunked request bodies.
> 
> 1.3 proxy doesn't perform keep-alives against a backend.
> 
> I think we are safe, but additional opinions are welcome.
> 
> Bill
> 
> At 02:18 PM 6/30/2005, Mark J Cox wrote:
> >> I'm obtaining a CVE name for this issue -- (as the issue is already public 
> >> it requires co-ordination with Mitre)
> >
> >CAN-2005-2088
> >
> >Has anyone looked to make sure this doesn't apply to later 1.3 releases?  
> >
> >Cheers,
> >Mark
> 
> 


-- 
===========================================================================
   Jim Jagielski   [|]   jim@jaguNET.com   [|]   http://www.jaguNET.com/
                     "Sith happens"  -  Yoda

Mime
View raw message