EIP-2026-103403

PRE-CVE

Apache 2.0.49 - Arbitrary Long HTTP Headers Denial of Service

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103403. PoCs published by Qnix.

AI-analyzed exploit summary This Perl script exploits a denial-of-service (DoS) vulnerability in Apache HTTPd versions prior to 2.0.49 by sending an excessive number of long HTTP headers. The exploit floods the target with malformed headers to crash the service.

Description

Apache 2.0.49 - Arbitrary Long HTTP Headers Denial of Service

Exploits (1)

exploitdb WORKING POC VERIFIED

by Qnix · perldosmultiple

https://www.exploit-db.com/exploits/1056

View Code ZIP pw:eip

This Perl script exploits a denial-of-service (DoS) vulnerability in Apache HTTPd versions prior to 2.0.49 by sending an excessive number of long HTTP headers. The exploit floods the target with malformed headers to crash the service.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Apache HTTPd < 2.0.49

No auth needed

Prerequisites: Network access to the target Apache server

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026