On 27/08/2013 08:38, wastasy wrote: > Hi everyone, > > I am testing an Apache Tomcat server 6.0.36 on Ubuntu Linux
OK. > I would like to reproduce CVE-2012-3544 Denial of Service Vulnerability > with Apache Tomcat 6.0.36 Why? > I tried to send a request using chunked transfer encoding with a web > proxy (Burp proxy) but I think I am making a mistake... If that is all you are doing you will not reproduce the issue because you have not recreated the circumstances under which the vulnerability occurs. > How can I reproduce the bug? Everything you need to know to recreate the bug is in the vulnerability report and on the Tomcat 6 security page. > How can I send a request using chunked transfer encoding? The correct use of chunking is described in RFC2616. Mark > Can you help me please? > > > Best regards > wastasy > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
