I just tested this exploit on Apache httpd versions 1.0.x, 1.1.x, 1.2.x,
and 1.3.x (beta). All of the versions seem to be affected in one way or
another, but the 1.0.x and 1.1.x seems to be less effective, since the
load average goes down right after the attack has stopped, unlike 1.2.x
and 1.3.x, which kept going even after the attack has stopped.
-- Zen <email@example.com> Fourth Law of Revision: It is usually impractical to worry beforehand about interferences -- if you have none, someone will make one for you.