[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug #326435 - CAN-2005-2728: DoS through overly long Range values passed to the byte-range filter

Hi everyone--

I'm having a problem with Apache children randomly leaking several hundred
megabytes of memory. This happens suddenly (over the course of just a few
minutes) and the affected children usually continue to serve requests while
they're leaking.

Here's the thread from httpd-users with more information on our particular
situation, including configuration information, symptoms, and backtraces:


We eventually worked around it by using this configuration, which is a
workaround for CAN-2005-2728:

RequestHeader unset Range
Header unset Accept-Ranges

It's strange that we're running 2.0.54-5, which patches for this
vulnerability, and does so by applying the exact patch from the
corresponding Apache bug

Is this problem due to another bug that coincidentally has the same
workaround? Since applying this configuration, not a single Apache child has
leaked. Any thoughts?

John Morrissey          _o            /\         ----  __o
jwm@horde.net        _-< \_          /  \       ----  <  \,
www.horde.net/    __(_)/_(_)________/    \_______(_) /_(_)__

Reply to: