The Content-Length field specifies the size of the transmitted form of data after the request header. In an attack, the Content-Length field contains a very high value, meaning the server will expect to receive a large amount of data. The header of the spoofed request is then validly terminated, then an attacker waits and sends another small piece of data before the connection termination timer expires. In this way, the connection keeps dangerously active.
- Lead to exhauste all available server resources.
- Use technique to exhaust all available server resources.
- Exhaust the victim's network and hardware resources when requesting large amounts of data.
- Set the header and message body to a maximum reasonable length.
- Define a minimum incoming data rate, and drop those that are slower.
- Set an absolute connection timeout.
Anonymous attacker with local access.
Expected Remediation Time
Default score using CVSS 3.1. It may change depending on the context of the src.
- Attack vector: L
- Attack complexity: H
- Privileges required: H
- User interaction: R
- Scope: U
- Confidentiality: L
- Integrity: L
- Availability: N
- Exploit code madurity: P
- Remediation level: X
- Report confidence: X
- Vector string: CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:N/E:P/RL:X/RC:X
- Base: 2.9
- Temporal: 2.8
- Base: Low
- Temporal: Low
Search for vulnerabilities in your apps for free with our automated security testing! Start your 21-day free trial and discover the benefits of our Continuous Hacking Machine Plan. If you prefer a full service that includes the expertise of our ethical hackers, don't hesitate to contact us for our Continuous Hacking Squad Plan.