tomcat and httpd track before July 13th! Final Reminder: Community Over Code call for presentations closing soon

2023-07-05 Thread jean-frederic clere
Hi, Don't forget to submit talks ASAP to: https://communityovercode.org/call-for-presentations/ there is a tomcat and httpd track for us. Cheers Jean-Frederic Forwarded Message Subject: Final Reminder: Community Over Code call for presentations closing soon Date: Wed, 28 J

Can We Disable Chunked Encoding?

2023-07-05 Thread Eric Robinson
We've been seeing problems with failed requests where the response comes back with duplicate chunked encoding headers: [Response] HTTP/1.1 200 Strict-Transport-Security: max-age=86400; includeSubDomains; Cache-Control: no-cache,no-store isAuthenticated: true X-FRAME-OPTIONS: SAMEORIGIN Transfer-

RE: Apache Tomcat request smuggling in 9.0.68?

2023-07-05 Thread James Boggs
Hello, I was sent this information, I hope this meets your expectations. - Request 1 GET / HTTP/1.1 Host: rplans.army.mil Accept-Encoding: gzip, deflate Accept: text/html,application/xhtml+xml,application/xml

Re: [mod_jk] Is it possible to set the value of a specific attribute via HTTP?

2023-07-05 Thread Christopher Schultz
Martin, On 7/3/23 04:47, Martin Knoblauch wrote: On 6/29/23 17:06, Rainer Jung wrote: Since I try to push people into mod_proxy, I am hesitant to implement more and more features which keep people from switching ;) Hi Rainer, so, what do you suggest for the mod_jk retirement? mod_proxy

Re: [mod_jk] Is it possible to set the value of a specific attribute via HTTP?

2023-07-05 Thread Christopher Schultz
Jon, On 6/30/23 17:21, jonmcalexan...@wellsfargo.com.INVALID wrote: Hi Chris and Rainer, Just want to add my .02 worth. Having the ability to "Drain" hosts in a Proxy configuration would be an awesome boon so you could gracefully take down a "node" for maintenance, or even just a restart. The

Re: Apache Tomcat request smuggling in 9.0.68?

2023-07-05 Thread Mark Thomas
Without knowing which vulnerability is being tested for and how the vulnerability is being tested for I don't think anyone here will be able to help. A (cleartext) tcpdump of the associated request(s) and response(s) would also be helpful. Mark On 05/07/2023 17:51, James Boggs wrote: Hi,

Apache Tomcat request smuggling in 9.0.68?

2023-07-05 Thread James Boggs
Hi, We have Apache Tomcat 0.0.73 installed on a Windows Server 2019 o/s which has a Request Smuggling vulnerability being reported in a BURP scan. Here Tomcat documentation reports Request Smuggling has been fixed in 9.0.68, so we don't understand why it would still be reported using 9.0.73.