cancel
Showing results for 
Search instead for 
Did you mean: 
fwmonitor
Level 7

is MWG7 affected to this Vulnerability: DOS through hash table multi-collisions

Hello,

has somebody tested this vuln: http://seclists.org/fulldisclosure/2011/Dec/477 against MWG7/Tomcat already?

To configure a temp rule for reverse proxy we need a rule example for:

1. how to get the size of POST

2. how to get the size of the HTTP header.

Example:

Rule Criteria:
Cycle.Name equals "Request" AND
Command.Name equals "POST" AND
Body.Size greater than 1000

Action: Block

better suggestions?

Regards

0 Kudos