
Untitled

a guest
Jun 16th, 2011
Apache Partial HTTP Request Denial of Service Vulnerability - Zero Day

QID: 86847
Category: Web server
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
Service Modified: 04/27/2011
User Modified: -
Edited: No
PCI Vuln: No

THREAT:
The Apache HTTP Server, commonly referred to as Apache, is a freely available Web server.
Apache is vulnerable to a denial of service due to holding a connection open for partial HTTP requests.
Apache Versions 1.x and 2.x are vulnerable.

IMPACT:
A remote attacker can cause a denial of service against the Web server which would prevent legitimate users from accessing the site.
Denial of service tools and scripts such as Slowloris take advantage of this vulnerability.

SOLUTION:
Patch:
There are no vendor-supplied patches available at this time.
Workaround:
- Reverse proxies, load balancers and iptables can help to prevent this attack from occurring.

- Adjusting the TimeOut Directive can also prevent this attack from occurring.

- A new module, mod_reqtimeout, has been introduced since Apache 2.2.15 to provide tools for mitigation against these forms of attack; however, the module is marked experimental.

Also refer to the Cert Blog and the Slowloris and Mitigations for Apache document for further information.

COMPLIANCE:
Not Applicable
EXPLOITABILITY:
There is no exploitability information for this vulnerability.
ASSOCIATED MALWARE:
There is no malware information for this vulnerability.
RESULTS:
Detected on port 443 - Apache 1.3