
VPS/Dedicated with LAMP -> Security Vulnerability - Apache Killer, upgrade to 2.2.20

  • 21 September 2011 9:46 PM

An exploit was posted to full-disclosure labelled “Apache Killer”. This script
creates a number of threads that use multiple Range headers to exhaust memory
on the Apache server.

Read more about it at https://bugzilla.redhat.com/show_bug.cgi?id=732928#c30

A new version of Apache is available for DirectAdmin and cPanel, so please upgrade Apache to 2.2.20.

Changes with Apache 2.2.20

*) SECURITY: CVE-2011-3192 (cve.mitre.org)
core: Fix handling of byte-range requests to use less memory, to avoid
denial of service. If the sum of all ranges in a request is larger than
the original file, ignore the ranges and send the complete file.
PR 51714. [Stefan Fritsch, Jim Jagielski, Ruediger Pluem, Eric Covener]
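
The rule in the changelog entry above can be checked offline with a short sketch. This is an added example, not Apache's code: the function names `resolve_ranges` and `decide` are hypothetical, and the header strings and file size used with it are constructed.

```python
import re

_SPEC = re.compile(r"^(\d*)-(\d*)$")

def resolve_ranges(header, size):
    """Resolve a Range header against a file of `size` bytes.

    Returns a list of inclusive (start, end) pairs, or None when the
    header is not a usable bytes range set.
    """
    unit, _, spec = header.partition("=")
    if unit.strip().lower() != "bytes" or size <= 0:
        return None
    ranges = []
    for part in spec.split(","):
        m = _SPEC.match(part.strip())
        if not m or m.groups() == ("", ""):
            return None                      # malformed spec such as "-" or "a-b"
        first, last = m.groups()
        if first == "":                      # suffix form: the last N bytes
            n = int(last)
            if n == 0:
                continue                     # "-0" selects nothing
            ranges.append((max(size - n, 0), size - 1))
            continue
        start = int(first)
        if last and int(last) < start:
            return None                      # end before start is invalid
        if start >= size:
            continue                         # starts past end of file
        end = min(int(last), size - 1) if last else size - 1
        ranges.append((start, end))
    return ranges

def decide(header, size):
    """Apply the 2.2.20 rule: ranges summing to more than the file are ignored."""
    ranges = resolve_ranges(header, size)
    if ranges is None:
        return "full"            # unusable header: serve the whole file
    if not ranges:
        return "unsatisfiable"   # nothing selectable (a 416 response)
    total = sum(end - start + 1 for start, end in ranges)
    return "full" if total > size else "partial"

if __name__ == "__main__":
    # Constructed sample headers against a constructed 1000-byte file.
    for h in ("bytes=0-99", "bytes=0-499,500-999", "bytes=0-,0-1,0-2"):
        print(h, "->", decide(h, 1000))
```

Overlapping ranges are what push the sum past the file size, so a request that asks for the same bytes repeatedly falls back to a single full response instead of many buffered partial ones.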

© Indichosts.net