[Bug 839569] Re: Apache2 is still Range header DoS vulnerable if gzip compression is enabled

Upen upendra.gandhi at gmail.com
Wed Sep 7 15:13:48 UTC 2011


Hi,

I am the other user who reported that even after fully patching 10.04
LTS, I see that my virtual Lucid is still vulnerable. I am not sure
where exactly the problem is: system resources, an Apache bug, or my
configuration.

OS: Ubuntu 10.04.3 LTS
Memory = 512 MB
1 CPU : model name	: Intel(R) Core(TM)2 Duo CPU     E6550  @ 2.33GHz

nc www.server.name 80
HEAD / HTTP/1.1
Host: www.server.name
Range:bytes=1-15,10-35,8-9,14-22,0-5,23-
Accept-Encoding: gzip
Connection: close

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2011 15:05:30 GMT
Server: Apache/2.2.14 (Ubuntu)
Last-Modified: Mon, 02 Aug 2010 21:42:40 GMT
ETag: "e51e-b1-48cde146fd1b1"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 146
Connection: close
Content-Type: text/html

apache2ctl -t -D DUMP_MODULES
Loaded Modules:
 core_module (static)
 log_config_module (static)
 logio_module (static)
 mpm_prefork_module (static)
 http_module (static)
 so_module (static)
 actions_module (shared)
 alias_module (shared)
 auth_basic_module (shared)
 authn_file_module (shared)
 authz_default_module (shared)
 authz_groupfile_module (shared)
 authz_host_module (shared)
 authz_user_module (shared)
 autoindex_module (shared)
 cgi_module (shared)
 deflate_module (shared)
 dir_module (shared)
 env_module (shared)
 headers_module (shared)
 mime_module (shared)
 security2_module (shared)
 negotiation_module (shared)
 php5_module (shared)
 reqtimeout_module (shared)
 setenvif_module (shared)
 status_module (shared)
 unique_id_module (shared)
Syntax OK

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in Ubuntu.
https://bugs.launchpad.net/bugs/839569

Title:
  Apache2 is still Range header DoS vulnerable if gzip compression is
  enabled

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/839569/+subscriptions
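As an added illustration (not part of the bug report, and not Apache's or Ubuntu's code), the following Python shows the kind of request pre-filter a reverse proxy or WAF rule could apply to the Range header reproduced above: it parses the byte ranges, counts how many overlap, and flags requests with too many or overlapping ranges, which ordinary clients do not send. The five-range threshold and the function names are assumptions for this example.

```python
import re
from typing import List, Optional, Tuple

# Constructed samples: the Range value from the bug report plus ordinary requests.
SAMPLE_HEADERS = {
    "reported": "bytes=1-15,10-35,8-9,14-22,0-5,23-",
    "resume_download": "bytes=1048576-",
    "malformed": "bytes=abc,5-3",
}

RANGE_SPEC = re.compile(r"^(\d*)-(\d*)$")
ByteRange = Tuple[Optional[int], Optional[int]]


def parse_ranges(value: str) -> Optional[List[ByteRange]]:
    """Parse an HTTP/1.1 Range value into (start, end) tuples.
    A suffix range '-N' becomes (None, N); an open range 'N-' becomes (N, None).
    Returns None when the header is not syntactically valid."""
    if not value.startswith("bytes="):
        return None
    ranges: List[ByteRange] = []
    for spec in value[len("bytes="):].split(","):
        m = RANGE_SPEC.match(spec.strip())
        if not m or (m.group(1) == "" and m.group(2) == ""):
            return None
        start = int(m.group(1)) if m.group(1) else None
        end = int(m.group(2)) if m.group(2) else None
        if start is not None and end is not None and end < start:
            return None
        ranges.append((start, end))
    return ranges


def count_overlaps(ranges: List[ByteRange]) -> int:
    """Count ranges that re-request bytes already covered by an earlier range.
    Suffix ranges are skipped because their position depends on the resource length."""
    absolute = [(s, e if e is not None else float("inf"))
                for s, e in ranges if s is not None]
    return sum(1 for i, (s, e) in enumerate(absolute)
               if any(s <= e2 and s2 <= e for s2, e2 in absolute[:i]))


def classify_range_header(value: str, max_ranges: int = 5) -> str:
    """Return 'malformed', 'suspicious' or 'ok' for a Range header value.
    max_ranges=5 is an assumed threshold; overlapping ranges are always flagged."""
    ranges = parse_ranges(value)
    if ranges is None:
        return "malformed"
    if len(ranges) > max_ranges or count_overlaps(ranges) > 0:
        return "suspicious"
    return "ok"
```

A server-side filter would drop the Range header (serving the full response) or reject the request when this returns anything but "ok", and log the event for correlation with resource spikes like the one described in the report.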
