There’s a new important bug in apache webserver, all versions are affectedtand allows remote attackers to cause a denial of service DoS (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges.
I’ve just tested it, and looks like latest Urchin Software releases aren’t affected 6.603 and 7.100 .
REQUEST HEAD / HTTP/1.1 Host: localhost:9999 Range:bytes=0- Accept-Encoding: gzip Connection: close HTTP/1.1 200 OK
You can read more about this bug here: CVE-2011-3192
Latest posts by David Vallejo (see all)
- Proper method/tips for setting up Facebook Pixels with no errors - August 22, 2017
- Release: Tealium Debugger extension for Chrome - April 2, 2017
- Integrating Google Optimize with Google Tag Manager - January 9, 2017