A denial of service vulnerability

[Ric]

A denial of service vulnerability has been found in the way the multiple

overlapping ranges are handled by the Apache HTTPD server.

 

Reference: An updated Apache DOS advisory

Link: http://lwn.net/Articles/456513/

 

Section four mentions "deployment of a range header count module as a temporary stopgap measure"

 

Install this module as follow:

1] Download mod_rangecnt.zip

2] Extract contents

3] Copy file mod_rangecnt.so to folder UniServer\usr\local\apache2\modules

4] Edit file UniServer\usr\local\apache2\conf\httpd.conf

5] After line:

LoadModule vhost_alias_module modules/mod_vhost_alias.so

Add the following line:

LoadModule rangecnt_module modules/mod_rangecnt.so

6] Restart Apache server

 

Note: Above is a VC9 module compatible with Uniform Server Orion series.

 

Regards,

The Uniform Server Development Team