Get Started
- CodeAnt AI
- Control Center
- Pull Request Review
- IDE
- Compliance
- Anti-Patterns
- Code Governance
- Infrastructure Security Database
- Application Security Database
- Apex
- Bash
- C
- Clojure
- Cpp
- Csharp
- Dockerfile
- Elixir
- Fingerprints
- Generic
- Go
- Aws-lambda
- Gin
- Gorilla
- Gorm
- Grpc
- Jwt-go
- Lang
- Net
- Active-debug-code
- Command-injection
- Csrf
- Dos
- Slowloris-dos-functions
- Slowloris-dos
- Nosql
- Path-traversal
- Sql
- Ssrf
- Xss
- Xxe
- Otto
- Secrets
- Template
- Html
- Java
- Javascript
- Json
- Kotlin
- Ocaml
- Php
- Problem-based-packs
- Python
- Ruby
- Rust
- Scala
- Solidity
- Swift
- Terraform
- Typescript
- Yaml
Slowloris-dos-functions
Slowloris dos functions
These functions do not allow to set a a timeout value for reading requests. As a result, the app server may be vulnerable to a Slowloris Denial-of-Service (DoS) attack. Slowloris attacks exploit the fact that HTTP servers keep the connection active if the request received is incomplete. To mitigate this, implement a Server
and set the timeout with ReadHeaderTimeout
.
Likelihood: LOW
Confidence: LOW
CWE:
- C
- W
- E
- -
- 4
- 0
- 0
- :
-
- U
- n
- c
- o
- n
- t
- r
- o
- l
- l
- e
- d
-
- R
- e
- s
- o
- u
- r
- c
- e
-
- C
- o
- n
- s
- u
- m
- p
- t
- i
- o
- n