[ale] old '99 bug still in latest Apache ?!
Jerry Yu
jjj863 at gmail.com
Tue Dec 20 11:28:58 EST 2005
I ran into a old bug, I believe, with Apache-2.0.52-19.ent.centos4, latest
on RHEL 4 AS or CentOS 4.1). Server returns internal error (500) when
"Accept: thousandsOfChar/gif\n" is specified in a HTTP/1.0 request. The
server handles it fine if such header is used in a HTTP/1.1 request. I am
quite surprised this bug is still there, as such behavior is documented in
CVE as (CVE-1999-0751).
any directive to use to force apache to serve http/1.1 only? or other
get-arounds?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Ale
mailing list