|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
Date: Wed, 23 Jul 1997 14:40:29 +0200 Reply-To: Stefan Rompf <srompf@TELEMATION.DE> From: Stefan Rompf <srompf@TELEMATION.DE> To: BUGTRAQ@NETSPACE.ORG In-Reply-To: <ilu4t9mu41o.fsf@scup.pdc.kth.se> At 00:15 23.07.97 +0200, Simon Josefsson wrote: >Fellow bugtraqers, I stumpled over this tonight. It's a DoS-attack >against a Oracle Webserver 2.1 that serves PL/SQL stored procedures. The old Oracle Webserver 1.0.2.0.2 cannot be attacked this way. There seem to be hard limits of 32 lines HTTP-Request, 1540 chars on the GET/HEAD statement and 4096 chars on every additional header line. Stefan
|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |