Apache Fixes Range Header DoS Flaw
Posted on: 08/31/2011 03:18 PM

Threadpost reports that a new version of the Apache Web Server is available that fixes the recently disclosed range header denial-of-service vulnerability.

Apache Fixes Range Header DoS Flaw


The Apache Software Foundation, which maintains the Web server, said that all users should upgrade to the new release as soon as possible in order to take advantage of the patch for CVE-2011-3192. The vulnerability in Apache lies in the way that the server handles multiple overlapping ranges in Range headers. An attack tool that can exploit the vulnerability is circulating online and researchers say they have seen attacks utilizing the tool.



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/apache_fixes_range_header_dos_flaw.html)