1999-09-29 04:00:00
mitre
PUBLISHED
IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request.