Apache Security Advisory – Remote DoS

Application : Apache Web Server (mod_deflate module)
Versions Affected : 1.3 – 2.2.
Exploit : Range header DoS vulnerability
Ease of use : Simple
Threat Level : High
Fix : Multiple, see below.
ZeroDay : Yes
Credit : Kingcope
External Website : http://httpd.apache.org/

What does it mean, do I have to do anything, if so what?

A Perl script is available that exploits a bug in the Apache module mod_deflate. It can flood your server with requests that cause high memory and swap usage, possibly causing your server to run out of memory and “swap itself to death”. Even if you do not use mod_deflate, it is installed by default as an Apache module, so your server is more than likely vulnerable. To check, run the Apache binary with the -M switch, like this: /sbin/httpd -M, and check the output for deflate.
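
The module check described above, as an added example that is not part of the original advisory: a shell function that classifies mod_deflate from the listing httpd -M prints. The sample listings are constructed, the function names are hypothetical, and /sbin/httpd is the path the advisory uses, so adjust it for your system.

```shell
#!/bin/sh
# Added example (not from the advisory): classify mod_deflate from the
# module listing that `httpd -M` prints. Reads the listing on stdin and
# prints "shared", "static" or "absent".
deflate_status() {
    awk '
        # Module lines look like " deflate_module (shared)"; match the
        # exact module name rather than any line containing "deflate".
        $1 == "deflate_module" {
            gsub(/[()]/, "", $2)
            print $2
            found = 1
            exit
        }
        END { if (!found) print "absent" }
    '
}

# Run the check against a real binary; $1 is its path (assumed by caller).
check_binary() {
    if [ ! -x "$1" ]; then
        echo "missing"
        return 0
    fi
    # Some builds print part of the listing on stderr, so merge streams.
    "$1" -M 2>&1 | deflate_status
}

# Constructed sample listings (not captured from a real server).
SAMPLE_LOADED='Loaded Modules:
 core_module (static)
 http_module (static)
 so_module (static)
 deflate_module (shared)
 rewrite_module (shared)
Syntax OK'

SAMPLE_ABSENT='Loaded Modules:
 core_module (static)
 http_module (static)
 so_module (static)
Syntax OK'

printf '%s\n' "$SAMPLE_LOADED" | deflate_status
printf '%s\n' "$SAMPLE_ABSENT" | deflate_status
```

On a server, call check_binary /sbin/httpd; a result of shared or static means the module is loaded, while absent only means the name was not in the output, so confirm by hand if the binary reported a configuration error.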

What happens if I leave it?

Your server could become the victim of a DoS attack. A patch is expected soon for both Apache versions 2.0 & 2.2. Apache 1.3 is vulnerable to this but will not be patched, so we recommend either not running mod_deflate with Apache 1.3 or updating to a newer version.

If you need any further information on securing your server against this vulnerability then please call us.
