apache DOS attack CVE-2011-3192 and Solaris
D G Teed
donald.teed at gmail.com
Fri Sep 9 09:17:50 EDT 2011
There are dozens of blogs, etc. discussing this simple script attack
anyone could run on a single client machine to cause a denial of service.
I checked for a patch from Oracle and didn't see anything fresh for apache.
I tried the first option listed here for mitigating and Apache 2 from Solaris 10
didn't like the syntax.
Apache announcement and suggested mitigation:
http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3C20110824161640.122D387DD@minotaur.apache.org%3E
# Drop the Range header when more than 5 ranges.
# CVE-2011-3192
SetEnvIf Range (,.*?){5,} bad-range=1
RequestHeader unset Range env=bad-range
# /usr/apache2/bin/apachectl configtest
Syntax error on line 18 of /etc/apache2/httpd.conf:
header unset takes two arguments
Has anyone seen information specific to apache from Solaris on
preventing this attack?
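An added illustration (not part of the post or of the Apache announcement) of what the two-line mitigation quoted above actually decides: it applies the same `(,.*?){5,}` pattern from the SetEnvIf line to a Range header value, counts the ranges explicitly, and strips the header from a request when it carries more than five. The request dictionaries are constructed samples, not real traffic.

```python
import re

# The pattern from the SetEnvIf line in the post: five or more commas in the
# Range value, i.e. six or more byte ranges, marks the request as bad-range.
BAD_RANGE_RE = re.compile(r"(,.*?){5,}")


def count_ranges(range_value):
    """Count the ranges in a 'bytes=a-b,c-d,...' Range header value."""
    spec = range_value.split("=", 1)[1] if "=" in range_value else range_value
    return len([part for part in spec.split(",") if part.strip()])


def regex_flags(range_value):
    """True when the SetEnvIf regex would set bad-range=1 for this value."""
    return BAD_RANGE_RE.search(range_value) is not None


def should_drop_range(range_value, max_ranges=5):
    """Mirror the mitigation: drop the header when there are more than
    max_ranges ranges (the regex and the explicit count agree)."""
    return count_ranges(range_value) > max_ranges


def sanitize_headers(headers):
    """Return a copy of the request headers with an abusive Range removed,
    which is what 'RequestHeader unset Range env=bad-range' does in httpd."""
    out = dict(headers)
    value = out.get("Range")
    if value is not None and should_drop_range(value):
        del out["Range"]
    return out


# Constructed sample requests: a normal two-range request and one carrying
# eight overlapping ranges of the kind the announcement describes.
NORMAL_REQUEST = {"Host": "example.invalid", "Range": "bytes=0-499,500-999"}
ABUSIVE_REQUEST = {"Host": "example.invalid",
                   "Range": "bytes=0-,1-,2-,3-,4-,5-,6-,7-"}

if __name__ == "__main__":
    for req in (NORMAL_REQUEST, ABUSIVE_REQUEST):
        print(count_ranges(req["Range"]), "ranges ->", sanitize_headers(req))
```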