A Nessus scan reports the high-risk vulnerability "Apache HTTP Server Byte Range DoS (55976)". The CVE is CVE-2011-3192.
The solution is to ignore all Range requests and return the full page instead.
The steps to do this are as follows:
1. Ensure mod_headers is loaded/uncommented in httpd.conf (log in via SSH to SSIM as the db2admin user and su - to root)
· Open /opt/Symantec/sesa/httpd/conf/httpd.conf
· Search for "LoadModule headers_module modules/mod_headers.so"
· Uncomment the above line if it is commented out, by removing the '#' at the beginning of the line
2. Add the following two lines at the bottom of the httpd.conf file:
RequestHeader unset Range
RequestHeader unset Request-Range
3. Save the file
4. Restart the ibmhttpd service from the command line after updating httpd.conf, so that the changes take effect
· service ibmhttpd restart
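
To confirm the edits from steps 1 and 2 are actually active (not left commented out or mistyped), the following added example audits an httpd.conf for the three required directives. It is not part of the original article; the function names and the sample configs are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an httpd.conf for the Range-header mitigation.
# check_range_mitigation returns 0 when all directives are active, 1 when
# any is missing or commented out, 2 when the file cannot be read.

# has_directive FILE REGEX: true if an uncommented line matches REGEX.
# Apache directive names are case-insensitive, hence -i; [[:space:]] also
# tolerates a trailing carriage return from a file edited on Windows.
has_directive() {
    grep -Eiq "^[[:space:]]*$2[[:space:]]*$" "$1"
}

check_range_mitigation() {
    conf=$1
    rc=0
    [ -r "$conf" ] || { echo "cannot read $conf"; return 2; }
    if ! has_directive "$conf" \
        'LoadModule[[:space:]]+headers_module[[:space:]]+[^[:space:]]+'; then
        echo "MISSING: LoadModule headers_module (commented out or absent)"
        rc=1
    fi
    for h in Range Request-Range; do
        if ! has_directive "$conf" \
            "RequestHeader[[:space:]]+unset[[:space:]]+$h"; then
            echo "MISSING: RequestHeader unset $h"
            rc=1
        fi
    done
    if [ "$rc" -eq 0 ]; then echo "OK: Range mitigation present in $conf"; fi
    return "$rc"
}

# Constructed sample configs: "before" (module commented out, no unset
# lines) and "after" (state expected once the steps are applied).
sample_conf() {
    if [ "$1" = after ]; then
        printf '%s\n' 'Listen 80' \
            'LoadModule headers_module modules/mod_headers.so' \
            'RequestHeader unset Range' \
            'RequestHeader unset Request-Range'
    else
        printf '%s\n' 'Listen 80' \
            '#LoadModule headers_module modules/mod_headers.so'
    fi
}

# Stand-alone use: sh script.sh /path/to/httpd.conf
if [ "$#" -gt 0 ]; then check_range_mitigation "$1"; fi
```

On the appliance the file to audit is /opt/Symantec/sesa/httpd/conf/httpd.conf. After the restart, a request carrying a Range header should come back as a full 200 response rather than 206 Partial Content.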