Apache HTTPD Range header vulnerability
Last Update Date:
3 Oct 2011
Release Date:
29 Aug 2011
7489
Views
RISK: High Risk
TYPE: Servers - Web Servers
A vulnerability has been identified in Apache HTTPD, which can be exploited by remote attacker to cause Denial of Service.
The vulnerability can be detected by visiting the following website:
http://apache-range-exploit.com/
Impact
- Denial of Service
System / Technologies affected
- Apache 2.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Update to Apache HTTP Server version 2.2.21:
http://httpd.apache.org/download.cgi
Vulnerability Identifier
Source
Related Link
- http://httpd.apache.org/security/CVE-2011-3192.txt
- http://www.apache.org/dist/httpd/Announcement2.2.html
- http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%[email protected]%3E
- http://apache-range-exploit.com/
- http://seclists.org/fulldisclosure/2011/Aug/301
- http://secunia.com/advisories/45606/
Share with