This afternoon the Apache Foundation released an awaited fix to the denial of service (DoS) vulnerability reported a few days ago.The fixes in version 2.2.20 of the Apache httpd server reduce the amount of memory that is used by range requests. If the total bytes of a file requested exceed the total file size, httpd will return the entire file. This follows closely on the heels of a tool released to the Full Disclosure mailing list this week that exploits the flaw.Read more: Naked security
QR:
QR: