[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] old '99 bug still in latest Apache ?!

Subject: [ale] old '99 bug still in latest Apache ?!
From: jjj863 at gmail.com (Jerry Yu)
Date: Wed, 28 Dec 2005 14:46:14 -0500
In-reply-to: <[email protected]>
References: <[email protected]>

I ran into an old bug, I believe, with Apache-2.0.52-19, the latest on RHEL
4 AS or CentOS 4.1. Server returns internal error (500) when "Accept:
thousandsOfChar/gif\n" is specified in a HTTP/1.0 request. The server
handles it fine if such header is used in a HTTP/1.1 request.

 I am quite surprised this bug is still there, as such behavior is
documented in CVE as (CVE-1999-0751). Any apache directive to use to force
apache to serve http/1.1 only?  Any other get-arounds if one has to serve
http/1.0 to accomodate some older browsers?
-------------- next part --------------
An HTML attachment was scrubbed...

Follow-Ups:
- [ale] old '99 bug still in latest Apache ?!
  - From: jsheets at yahoo.com (Jerald Sheets)

References:
- [ale] old '99 bug still in latest Apache ?!
  - From: jjj863 at gmail.com (Jerry Yu)

Prev by Date: [ale] Speedfactory now requires mail contents to be readable
Next by Date: [ale] Speedfactory now requires mail contents to be readable
Previous by thread: [ale] old '99 bug still in latest Apache ?!
Next by thread: [ale] old '99 bug still in latest Apache ?!
Index(es):
- Date
- Thread