|[jetty-users] slowloris vulnerability|
we're using the Acunetix vulnerability scanner to search for vulnerabilities in our application. Recently Acunetix discovered a slowloris vulnerability here :
We're using Jetty Version 8.1.7.v20120910. Do you have any further knowledge of this vulnerability together with Jetty 8?
It seems that the only possibility how this attack can be avoided is to set the maxIdleTime < 10sec which I do not like very much.
Do you have any advice for me what I can do to avoid this finding, besides from setting the maxIdleTime so low?
Thank you and best regards,
Solutions AG - The Cryptshare Company
Your attachments are
too large or too confidential for e-mail?
Back to the top