[SECURITY] Apache security issue

wstuermer

Blog Benutzer
Dear Plesk user,

although the Apache webserver is not bundled with Plesk I want to inform you about a critical security issue in Apache:

Apache does not handle headers, that include multiple byte ranges, correctly. This leads to massive memory consumption and can be used for DoS attacs.

More information, an exploit and workarounds can be found here:
http://seclists.org/fulldisclosure/2011/Aug/175

Again: This is not a Plesk related issue. As soon as a patch is released you should update your Apache webserver.

Best regards,
Plesk Security Announcements Team
 
Top