On 22/08/2014 03:31, ?? wrote:
I read an article on the internet that says that Tomcat was
found to accept content-length headers with chunked encoding over any
HTTP connector and multiple content-length headers in a request when
using the AJP connector. This could allow attackers
I read an article on the internet that says that Tomcat was found to
accept content-length headers with chunked encoding over any HTTP connector and
multiple content-length headers in a request when using the AJP connector. This
could allow attackers to poison a web-cache, bypass web
I read an article on the internet that says that Tomcat was found to
accept content-length headers with chunked encoding over any HTTP connector and
multiple content-length headers in a request when using the AJP connector. This
could allow attackers to poison a web-cache, bypass web