You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Jon Travis <jt...@covalent.net> on 2001/09/25 05:30:44 UTC
DoS on POSTS
It seems that there is a possibility for DoS on Apache servers
when doing a POST. On search.apache.org, I can send the following
request:
PUT / HTTP/1.1
Host: search.apache.org:80
Content-Length: 1000
<newline here>
And just let it sit there forever. search.apache.org is running 2.0.24,
and I'm running out of CVS and seeing the same behaviour. Seems bogus to me.
-- Jon