Apache Request Smuggling Vulnerability Found

An anonymous reader writes "Whitedust is reporting on a HTTP request smuggling vulnerability in Apache. The flaw apparently allows attackers to piggy back valid HTTP requests over the 'Content-Length:' header, which can result in cache poisoning, cross-site scripting, session hijacking and other various kinds of attack. This flaw affects most of the 2.0.x branch of Apache's HTTPD server."

Re:yet another

[Soporific]

I don't know anything about this post, but how is it redundant as the fourth post when the first 3 were:

1) Yeah!

2) not good not good

3) After all, it is Apache server. Anyway, it'll get a fix available likety-split. Go, OSS!

Now I could see if this post said yeah, or good or server in the post but I'm just not getting the redundant mod anymore.

~S

Re:Damn, now I have to wait for longhorn.

[crutchman]

But then Time Warner AOL Netscape etc. Inc. will sue Microsoft for patent infringment under the justification that using Foghorn for a windows product has completely damaged the reputation of their imaginary character, causing microsoft to go out of business.
Once Microsoft goes out of business, the current AOL will fail because they were never able to switch from IE->Netscape (despite the fact they BOUGHT Netscape).

Netscape will also fail (to install) preventing AOL from making the switch, dragging Time Warner down with them. The stock price will drop so low, that Steve Jobs will buy Time Warner, resurrect AOL, and instantly stop innovating because he no longer has competition and controls the internet connection of millions that he can direct to iTunes.com.

Hey...it could happen! hehe

Re:HTTP request smuggling

[smittyoneeach]

Leave the Kennedy family out of this.