There was a problem loading the comments.

VPS/Dedicated with LAMP -> Security Vulnerability - Apache Killer, upgrade to 2.2.20

Support Portal  »  News  »  Viewing Article

  • 21 September 2011 9:46 PM

An exploit was posted to full-disclosure labelled “Apache Killerâ€. This script
creates a number of threads that use multiple Range headers to exhaust memory
on the Apache server.

Read more about it from

New version of apache is available for Directadmin and cPanel. So please upgrade the apache to 2.2.20

Changes with Apache 2.2.20

*) SECURITY: CVE-2011-3192 (
core: Fix handling of byte-range requests to use less memory, to avoid
denial of service. If the sum of all ranges in a request is larger than
the original file, ignore the ranges and send the complete file.
PR 51714. [Stefan Fritsch, Jim Jagielski, Ruediger Pluem, Eric Covener]

Share via
Did you find this article useful?  

Related Articles


Add Comment

Replying to  

Self-Hosted Help Desk Software by SupportPal