Summary
This host is running Apache httpd web server and is prone to denial of service vulnerability.
Impact
Successful exploitation will let the remote unauthenticated attackers to cause a denial of service.
Impact Level: System/Application
Solution
Please refer below link for fix and mitigate this issue until full fix, http://mail-archives.apache.org/mod_mbox/httpd-dev/201108.mbox/%3CCAAPSnn2PO-d-C4nQt_TES2RRWiZr7urefhTKPWBC1b+K1Dqc7g@mail.gmail.com%3E
http://marc.info/?l=apache-httpd-dev&m=131420013520206&w=2
Insight
The flaw is caused the way Apache httpd web server handles certain requests with multiple overlapping ranges, which causes significant memory and CPU usage on the server leading to application crash and system can become unstable.
Affected
Apache 1.3.x, 2.0.x through 2.0.64 and 2.2.x through 2.2.19
References
Severity
Classification
-
CVE CVE-2011-3192 -
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C
Related Vulnerabilities
- Apache 'mod_deflate' Denial Of Service Vulnerability - July09
- AT-TFTP Server Long Filename BoF Vulnerability
- Adobe Reader/Acrobat JavaScript Method Handling Vulnerability (Linux)
- CA Multiple Products 'arclib' Component DoS Vulnerability (Win)
- Epson EventManager 'x-protocol-version' Denial of Service Vulnerability