On 22/08/2014 03:31, ?? wrote:
> I read an article on the internet that says that Tomcat was
> found to accept content-length headers with chunked encoding over any
> HTTP connector and multiple content-length headers in a request when
> using the AJP connector. This could allow attack
I read an article on the internet that says that Tomcat was found to
accept content-length headers with chunked encoding over any HTTP connector and
multiple content-length headers in a request when using the AJP connector. This
could allow attackers to poison a web-cache, bypass web ap
I read an article on the internet that says that Tomcat was found to
accept content-length headers with chunked encoding over any HTTP connector and
multiple content-length headers in a request when using the AJP connector. This
could allow attackers to poison a web-cache, bypass web ap