Cisco MDS 9000, Cisco SAN-OS 3.x, Cisco TelePresence Video Communication Server (VCS), Cisco Video Surveillance Manager (VSM), Cisco Video Surveillance Operations Manager (VSOM), Cisco Wireless Control System (WCS)
Problem:
error in a software component
Exploitation:
remote
Impact:
denial of service (DoS)
Solution:
workaround
Original advisory ID:
cisco-sa-20110830-apache
Source:
Cisco
Problem:
The flaw is caused by an error in the "ByteRange" filter when it processes requests that contain a large amount of data in the "Range" header.
Impact:
The vulnerability allows an attacker to carry out a DoS (Denial of Service) attack.
Solution:
Users are advised to apply the workarounds according to the instructions in the original advisory.
Cisco Security Advisory: Apache HTTPd Range Header Denial of Service Vulnerability
Document ID: 113217
Advisory ID: cisco-sa-20110830-apache
http://www.cisco.com/warp/public/707/cisco-sa-20110830-apache.shtml
Revision 1.5
Last Updated 2011 September 09 1300 UTC (GMT)
For Public Release 2011 August 30 1600 UTC (GMT)
Summary
The Apache HTTPd server contains a denial of service vulnerability when it handles multiple, overlapping ranges. Multiple Cisco products may be affected by this vulnerability.
Mitigations that can be deployed on Cisco devices within the network are available in the Cisco Applied Intelligence companion document for this Advisory: http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=24024
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20110830-apache.shtml.
Affected Products
Cisco is currently evaluating products for possible exposure to this vulnerability. Products will only be listed in the Vulnerable Products or Products Confirmed Not Vulnerable sections of this security advisory when a final determination about exposure is made. Products that are not listed in either of these two sections are still being evaluated.
Vulnerable Products
Products Confirmed Not Vulnerable
Details
Vulnerability Scoring Details
Impact
Software Versions and Fixes
Workarounds
Obtaining Fixed Software
Exploitation and Public Announcements
Status of this Notice: INTERIM
Distribution
Revision History
Cisco Security Procedures