https://www.exploit-db.com/exploits/24066
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200404-097

DiGiWeb服务器存在漏洞。远程攻击者可以通过含有大量/（斜线）字符的HTTPGET请求导致服务拒绝（CPU消耗），当DiGi将斜杠转换成（反斜杠）时该漏洞消耗资源。

source: http://www.securityfocus.com/bid/10228/info

The DiGi WWW Server has been reported to contain a remote denial of service vulnerability. It has been reported that when the server receives a malformed HTTP GET request, the web server process will consume large amounts of CPU resources.

Since this is a web server application, this leads to a remotely exploitable denial of service vulnerability.

GET ///[660Kb of /]/// HTTP/1.1

to a vulnerable server would demonstrate the effect.

来源:XF
名称:digi-www-slash-dos(15987)
链接:http://xforce.iss.net/xforce/xfdb/15987
来源:BID
名称:10228
链接:http://www.securityfocus.com/bid/10228
来源:OSVDB
名称:5702
链接:http://www.osvdb.org/5702
来源:sourceforge.net
链接:http://sourceforge.net/project/shownotes.php?release_id=234261
来源:SECUNIA
名称:11490
链接:http://secunia.com/advisories/11490
来源:www.autistici.org
链接:http://www.autistici.org/fdonato/advisory/DiGiWwwServerC1-adv.txt
来源:BUGTRAQ
名称:20040427resourcesconsumptioninDiGiWWWServer
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=108311170018203&w;=2
来源:SECTRACK
名称:1009957
链接:http://securitytracker.com/alerts/2004/Apr/1009957.html