Intrusion Prevention

Apache.HTTP.Server.Range.Header.Handling.DoS

Description

This indicates an attack attempt to exploit a Denial of Service vulnerability in Apache HTTP Server.
The vulnerability is a result of the application's failure to properly sanitize user supplied input. A remote attacker can exploit this to cause the server to consume excessive resources leading to a Denial of Service condition.
The tool named killapache is exploiting this vulnerability to attack Apache Servers.

Affected Products

Apache Software Foundation HTTP Server all versions.

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Upgrade to Apache 2.2.21
https://www.apache.org/dist/httpd/Announcement2.2.html

CVE References

CVE-2011-3192