Upen, thank you for the info about the Apache's memory guideline script.
I'll try it too.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in Ubuntu.
https://bugs.launchpad.net/bugs/839569
Title:
Apache2 is still Range header
You are welcome. Thanks to you for creating bug report and Steve for
your immediate response. Appreciate it.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in Ubuntu.
https://bugs.launchpad.net/bugs/839569
Title:
Apache2 is
Stefen,
Yes, you're absolutely right! We can only check in that way if a server
supports byte Range headers.
killapache.pl causes that even my upgraded server is DoS'ed, but it's
rather related to my Apache's config. Probably I need to decrease a
value of MaxClients and MaxKeepAliveRequests,
In addition to my earlier comment and after reading other comments, I'd like to
add now that I changed MaxClients for apache2( In Pre fork MPM ) on my virtual
Lucid and restarted apache2. Ran killapache but this time the load on system
didn't go high, and apache2 processes were limited to
Paweł and Upen, thanks for following up. Based on your comments, I'm
going to close this bug report; please re-open it if you find any
evidence that suggests the fix for CVE-2011-3192 is incomplete.
Stefan, thanks for chiming in.
** CVE added: http://www.cve.mitre.org/cgi-
Paweł,
Can you confirm that sending a request with an overlapping byte range
e.g.:
HEAD / HTTP/1.1
Host: localhost
Range:bytes=1-15,10-35,8-9,14-22,0-5,23-
Accept-Encoding: gzip
Connection: close
returns 200 OK?
Perhaps you could report what modules you have loaded? apache2ctl -t -D
Hi Steve,
Yes, I can confirm that my Apache returns 200 OK for that request:
root@server:~# nc localhost 80
HEAD / HTTP/1.1
Host: localhost
Range:bytes=1-15,10-35,8-9,14-22,0-5,23-
Accept-Encoding: gzip
Connection: close
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2011 08:51:43 GMT
Server: Apache
Hi,
I am the other user who reported that even after fully patching 10.04
LTS, I see that my virtual Lucid is still vulnerable. I am not sure
where exactly is the problem, system resources or apache bug or my
configuration.
OS: Ubuntu 10.04.3 LTS
Memory = 512 MB
1 CPU : model name :
Note that it is impossible to determine from apache's response alone if
apache is vulnerable or not. The only way to check it is to do a request
with lots of overlapping ranges (like killapache does) and check if the
process size increases a lot or not. On 32bit machines, the original
