Threat Encyclopedia



This indicates detection of an overly long HTTP Host value.
HTTP servers that have insufficient sanitizing of HTTP requests field might be prone to such an attack. Successful attacks may allow a remote attacker to execute arbitrary code within the context of the webserver, crash the affected application or deny services to legitimate users.

Affected Products

Any unprotected or misconfigured HTTP server is vulnerable to the attack.


System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply appropriate patch from the vendor or upgrade to non-vulnerable version if available.
Monitor the traffic from that network for any suspicious activity.