[Full-disclosure] IPS Evasion with the Apache HTTP Server
H D Moore
fdlist at digitaloffense.net
Wed Jun 20 16:37:12 BST 2007
Apparently I can't read before 10:00am :) 3APA3A corrected me, the RFC
states that there can actually be multiple CRLF before the start of the
request. Time to find some coffee...
Thanks for the feedback!
On Wednesday 20 June 2007 09:19, H D Moore wrote:
> The note in RFC 2616, Section 4.1, refers to a single CRLF before the
Full-Disclosure is hosted and sponsored by Secunia.