QwikSec

Security Database

CVE

CWE

Training

CVE-2007-0086

Published: Jan 5, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

The Apache HTTP Server, when accessed through a TCP connection with a large window size, allows remote attackers to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this issue has been disputed by third parties, who state that the large window size required by the attack is not normally supported or configured by the server, or that a DDoS-style attack would accomplish the same goal

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_OSVDB

20070104 Re: a cheesy Apache / IIS DoS vuln (+a question)

mailing-list

x_refsource_BUGTRAQ

20070104 Re: a cheesy Apache / IIS DoS vuln (+a question)

mailing-list

x_refsource_BUGTRAQ

20070103 a cheesy Apache / IIS DoS vuln (+a question)

mailing-list

x_refsource_BUGTRAQ

20070104 Re: a cheesy Apache / IIS DoS vuln (+a question)

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.