[plamo:24113] Apache Multiple Space Header DoS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[plamo:24113] Apache Multiple Space Header DoS

From:KATOH Yasufumi

Date:Mon, 15 Nov 2004 11:18:13 +0900 (JST)

Subject: [plamo:24113] Apache Multiple Space Header DoS
From: KATOH Yasufumi <karma@xxxxxxxxxxxxxxx>
Date: Mon, 15 Nov 2004 11:18:11 +0900
User-agent: Wanderlust/2.11.32 (Wonderwall) SEMI/1.14.6 (Maruoka) FLIM/1.14.6 (Marutamachi) APEL/10.6 Emacs/21.3 (i386-mingw-nt5.1.2600) MULE/5.0 (SAKAKI) Meadow/2.10-dev (ASAGAO)

加藤泰文です．

Apache 2.0.52 以前で空白を含むヘッダを送ると DoS に陥るセキュリティホー
ルが見つかっています．

  http://www.securiteam.com/unixfocus/6A0010KBPE.html
  http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0942
  http://xforce.iss.net/xforce/xfdb/17930

2.0.53-dev で修正 (他にも SSL 関係修正されていますね)．

  http://www.apacheweek.com/features/security-20

-- 
==============================================
((((    加藤泰文
○-○                karma @ prog.club.ne.jp
==============================================
 (Web Page) http://park2.wakwak.com/%7Ekarma/
==============================================
   中南米の音楽のページを更新 (October 17)

Prev by Date: [plamo:24112] Sudo にセキュリティホール
Next by Date: [plamo:24114] kernel 2.6 系
Previous by thread: [plamo:24153] Re: Sudo にセキュリティホール
Next by thread: [plamo:24115] CD の音が鳴らない
Index(es):
- Date
- Thread

[検索ページ] [メール一覧]
Plamo ML 公開システム