Arbitrary code may be run on the remote server.
It was possible to kill the web server by sending an invalid request
with a too long HTTP 1.1 header (Accept-Encoding, Accept-Language,
Accept-Range, Connection, Expect, If-Match, If-None-Match, If-Range,
If-Unmodified-Since, Max-Forwards, TE, Host).
This vulnerability could be exploited to crash the web server. It
might even be possible to execute arbitrary code on your system.
** As this is a generic test, it is not possible to know if the impact
** is limited to a denial of service.
Upgrade your web server or protect it with a filtering reverse proxy
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.5
Public Exploit Available : true