[SECURITY] CVE-2012-3544 Chunked transfer encoding extension size is not limited

[Derick Older <d3x0rwastasy () yahoo com>]

Hi everyone,

I am testing an Apache Tomcat server 6.0.36 on Ubuntu Linux
I would like to reproduce  CVE-2012-3544 Denial of Service Vulnerability with Apache Tomcat 6.0.36

I tried to send a request using chunked transfer encoding  with a web proxy (Burp proxy) but I think I am making a 
mistake...

How can I reproduce the bug?
How can I send a request using chunked transfer encoding? Can you help me please?


Best regards
wastasy

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/