CVE-2011-3192 - Range header DoS vulnerability Apache HTTPD 1.3/2.x



Article ID: 165630


Products

ProxySG Software - SGOS

Issue/Introduction

Is the ProxySG appliance vulnerable to CVE-2011-3192 - Range header DoS vulnerability Apache HTTPD 1.3/2.x?

Resolution

The ProxySG appliance is not vulnerable because it does not use Apache.


A vulnerable Apache host that is reverse-proxied by ProxySG can be protected by activating client limits in attack-detection.

To enable client limits in attack-detection, enter the following CLI commands:

xxx.xxx.xxx.xxx - Blue Coat SG>en
Enable Password:
xxx.xxx.xxx.xxx - Blue Coat SG#configure terminal
Enter configuration commands, one per line.  End with CTRL-Z.
xxx.xxx.xxx.xxx - Blue Coat SG#(config)attack-detection
xxx.xxx.xxx.xxx - Blue Coat SG#(config attack-detection)client
xxx.xxx.xxx.xxx - Blue Coat SG#(config client)enable-limits
 

To disable client limits in attack-detection, enter the following command:
xxx.xxx.xxx.xxx - Blue Coat SG#(config client)disable-limits