Intrusion Prevention

Apache.httpd.Arbitrary.Long.HTTP.Header.Parsing.DoS

Description

This indicates an attack attempt to exploit a Denial of Service vulnerability against Apache HTTP Web Server.
The vulnerability is due to the application failing to adequately sanitize HTTP header strings. A remote attack may be able to exploit this to cause a denial of service condition on the affected system via a malformed HTTP header.

Affected Products

Apache Software Foundation Apache 2.0.47 - 2.0.49

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Upgrade to the latest version available from the website.
http://www.apache.org/dyn/closer.cgi

CVE References

CVE-2004-0493