Nasty Apache denial of service vulnerability

Posted Aug 25, 2011 13:00 UTC (Thu) by SEJeff (subscriber, #51588)
Parent article: Nasty Apache denial of service vulnerability

Great fix for gnome.org servers from bkor for your apache config:
# Drop the Range header when more than 5 ranges.
# CVE-2011-3192
SetEnvIf Range (,.*?){5,} bad-range=1
RequestHeader unset Range env=bad-range

Allows legit range requests to work and kills it after > 5.
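
Added example, not part of the original comment or the Apache announcement: a Python emulation of the two directives above, run over constructed Range headers to show where the threshold falls. The function names and sample values are assumptions made for illustration; only the regular expression comes from the page.

```python
import re

# Pattern copied verbatim from the SetEnvIf line in the comment above.
BAD_RANGE = re.compile(r"(,.*?){5,}")


def header_after_rule(range_value):
    """Range value left after both directives; None means it was unset."""
    if range_value is None:
        return None
    # SetEnvIf searches the header value unanchored, like re.search.
    return None if BAD_RANGE.search(range_value) else range_value


def count_ranges(range_value):
    """Count the non-empty comma-separated specs after 'bytes='."""
    _, _, specs = range_value.partition("=")
    return sum(1 for spec in specs.split(",") if spec.strip())


# Constructed sample headers, not captured traffic.
FIVE = "bytes=0-99,200-299,400-499,600-699,800-899"
SIX = FIVE + ",1000-1099"
SAMPLES = [
    "bytes=0-499",      # single range, e.g. a resumed download
    FIVE,               # 5 ranges, 4 commas: below the threshold
    SIX,                # 6 ranges, 5 commas: first value the rule drops
    "bytes=0-1,,,,,",   # 1 real range but 5 commas: also dropped
    "bytes=" + ",".join(f"{i * 10}-{i * 10 + 9}" for i in range(50)),
]


def evaluate(samples=SAMPLES):
    """Return (range_count, kept) for each sample header."""
    return [(count_ranges(s), header_after_rule(s) is not None) for s in samples]


if __name__ == "__main__":
    for sample, (n, kept) in zip(SAMPLES, evaluate()):
        action = "kept" if kept else "unset (full response served)"
        print(f"{n:3d} ranges  {action:30s} {sample[:48]}")
```

The rule counts commas rather than parsed ranges, so a header with five or more commas is unset even when few of its ranges are real.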


Nasty Apache denial of service vulnerability

Posted Aug 25, 2011 13:54 UTC (Thu) by ovitters (subscriber, #27950) [Link]

I just copied that from this announcement. Yay for Puppet :P

Nasty Apache denial of service vulnerability

Posted Aug 25, 2011 18:23 UTC (Thu) by SEJeff (subscriber, #51588) [Link]

Yup just trying to point it out for the TL;DNR people who are much like myself :)

Nasty Apache denial of service vulnerability

Posted Aug 25, 2011 18:18 UTC (Thu) by rickmoen (subscriber, #6943) [Link]

Don't forget to do
a2enmod headers
...or Apache httpd may choke on invalid configuration lines and refuse to start (if the 'headers' module isn't enabled).

Rick Moen
rick@linuxmafia.com
