0 Replies Latest reply on Dec 29, 2011 3:19 PM by fwmonitor

    is MWG7 affected to this Vulnerability: DOS through hash table multi-collisions

    fwmonitor

      Hello,

       

      has somebody tested this vuln: http://seclists.org/fulldisclosure/2011/Dec/477 against MWG7/Tomcat already?

       

      To configure a temp rule for reverse proxy we need a rule example for:

       

      1. how to get the size of POST

      2. how to get the size of the HTTP header.

       

       

      Example:

      Rule Criteria:
      Cycle.Name equals "Request" AND 
      Command.Name equals "POST" AND 
      Body.Size greater than 1000

      Action: Block

       

      better suggestions?

       

      Regards