want to fix Apache HTTP Server Byte Range DoS on 7.2.4.5051


Article Comments

Hi,
May you please elucidate? What exactly do you want to fix here?
Best regards


Nov, 2013 - Permalink

The web server running on the remote host is affected by a denial of service vulnerability.

The version of Apache HTTP Server running on the remote host is affected by a denial of service vulnerability. Making a series of HTTP requests with overlapping ranges in the Range or Request-Range request headers can result in memory and CPU exhaustion. A remote, unauthenticated attacker could exploit this to make the system unresponsive.

Exploit code is publicly available and attacks have reportedly been observed in the wild.

Nessus determined the server is unpatched and is not using any of the suggested workarounds by making the following requests :

Apache is being used for NMS. Can I upgrade Apache to the next version and expect NMS to work? I have PRTG Network Monitor 7.2.4.5051 and Apache affected with CVE-2011-3192 – Apache killer DoS vulnerability.


Nov, 2013 - Permalink
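
For triage while the upgrade is pending, the condition quoted in the scan finding above (many or overlapping ranges in `Range` or `Request-Range`) can be checked per request. This is an added example, not part of the thread or of any vendor tooling; the function names and the `MAX_RANGES` threshold are assumptions chosen for illustration.

```python
import re

MAX_RANGES = 5  # assumed threshold for this example; tune to your traffic
_SPEC = re.compile(r"^\s*(\d*)\s*-\s*(\d*)\s*$")

def parse_ranges(value):
    """Parse a Range value into (start, end) pairs; None if not a valid bytes range set.
    Open-ended "500-" gives (500, None); suffix "-500" gives (None, 500)."""
    unit, sep, specs = value.partition("=")
    if not sep or unit.strip().lower() != "bytes":
        return None
    ranges = []
    for spec in specs.split(","):
        m = _SPEC.match(spec)
        if not m or not (m.group(1) or m.group(2)):
            return None
        start = int(m.group(1)) if m.group(1) else None
        end = int(m.group(2)) if m.group(2) else None
        if start is not None and end is not None and end < start:
            return None
        ranges.append((start, end))
    return ranges

def count_overlaps(ranges):
    """Count ranges that start inside the span already covered by earlier ones."""
    spans = sorted((s, float("inf") if e is None else e)
                   for s, e in ranges if s is not None)
    overlaps, reach = 0, -1
    for s, e in spans:
        if s <= reach:
            overlaps += 1
        reach = max(reach, e)
    return overlaps

def classify(headers):
    """Return 'ok', 'malformed' or 'suspicious' for one request's headers."""
    lowered = {k.lower(): v for k, v in headers.items()}
    verdict = "ok"
    for name in ("range", "request-range"):
        if name not in lowered:
            continue
        ranges = parse_ranges(lowered[name])
        if ranges is None:
            verdict = "malformed"
        elif len(ranges) > MAX_RANGES or count_overlaps(ranges) > 0:
            return "suspicious"
    return verdict

# Constructed sample requests (not taken from the scan report above).
SAMPLES = [{"Range": "bytes=0-499,500-999"}, {"Request-Range": "bytes=0-,0-1,0-2"}]
RESULTS = [classify(h) for h in SAMPLES]  # ['ok', 'suspicious']
```

Feed it the request headers from a proxy or WAF log to see which clients send range sets that a patched server would no longer expand.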

Hi,
I assume you are using Apache as a reverse proxy for your PRTG installation? If so, there should be no issues when upgrading the same; you should only make sure to update mod_rewrite as well and then make sure there have been no syntax changes in there.
Apart from that it should just continue working.
Best regards


Nov, 2013 - Permalink