4 matches found
EUVD-2019-13816
Malware in sbrugna...
httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling
A flaw was found in httpd. The inbound connection is not closed when it fails to discard the request body, which may expose the server to HTTP request smuggling...
UBUNTU-CVE-2021-3909
OctoRPKI does not limit the length of a connection, allowing for a slowloris DOS attack to take place which makes OctoRPKI wait forever. Specifically, the repository that OctoRPKI sends HTTP requests to will keep the connection open for a day before a response is returned, but does keep drip...
tomcat: non-persistent DoS attack by feeding data by aborting an upload
It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made...