|
From: Breno S. P. (JIRA) <no...@mo...> - 2012-11-07 21:53:42
|
[ https://www.modsecurity.org/tracker/browse/MODSEC-342?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Breno Silva Pinto resolved MODSEC-342.
--------------------------------------
Resolution: Fixed
> ModSecurityIIS: The worker process crashes while processing XSS requests under load
> -----------------------------------------------------------------------------------
>
> Key: MODSEC-342
> URL: https://www.modsecurity.org/tracker/browse/MODSEC-342
> Project: ModSecurity
> Issue Type: Bug
> Security Level: Normal
> Components: Core
> Affects Versions: 2.7.0
> Environment: Server: IIS 7 on Windows Server 2008 R2
> Test Client: WCAT on Windows Server 2008 R2
> Reporter: akurmi
> Assignee: Breno Silva Pinto
> Labels: IIS, ModSecurityIIS
> Attachments: modsecurityruleset.zip, scenario.ubr, settings.ubr
>
>
> The worker process crashes while processing this wcat transaction under load:
> transaction
> {
> id = "XSS";
> weight = 100;
> request
> {
> url = "/iisstart.htm?param=<script>alert('hello')</script>";
> statuscode= 403;
> }
> close
> {
> method = reset;
> }
> }
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
|
