Comment 41 for bug 1394370
Revision history for this message
| Eric Peterson (ericpeterson-l) wrote Re: horizon login page is vulnerable to DOS attack | #41 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
35a32c5
(Get the code!)
(minor clarification)
I am not sure all Horizon setups are affected - I would say that Horizon setups using a db or memcached session engine would be impacted.
The default Horizon setting has been signed cookies in many cases, which does not suffer from this issue. (I am not sure which distros use signed cookies and which ones do not).