Perlbal before 1.70, when buffered upload is enabled, allows remote attackers to cause a denial of service (crash) via a zero-byte chunked upload.
bugs.gentoo.org/show_bug.cgi?id=214784
search.cpan.org/src/BRADFITZ/Perlbal-1.70/CHANGES
secunia.com/advisories/29565
secunia.com/advisories/29619
www.securityfocus.com/bid/28491
www.vupen.com/english/advisories/2008/1045/references
bugzilla.redhat.com/show_bug.cgi?id=439054
exchange.xforce.ibmcloud.com/vulnerabilities/41538
www.redhat.com/archives/fedora-package-announce/2008-March/msg00665.html
www.redhat.com/archives/fedora-package-announce/2008-March/msg00672.html