module
Apache Range Header DoS (Apache Killer)
| Disclosed | Created |
|---|---|
| 08/19/2011 | 05/30/2018 |
Disclosed
08/19/2011
Created
05/30/2018
Description
The byterange filter in the Apache HTTP Server 2.0.x through 2.0.64, and 2.2.x
through 2.2.19 allows remote attackers to cause a denial of service (memory and
CPU consumption) via a Range header that expresses multiple overlapping ranges,
exploit called "Apache Killer"
through 2.2.19 allows remote attackers to cause a denial of service (memory and
CPU consumption) via a Range header that expresses multiple overlapping ranges,
exploit called "Apache Killer"
Authors
KingcopeMasashi FujiwaraMarkus Neis
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
msf > use auxiliary/dos/http/apache_range_dos
msf /(s) > show actions
...actions...
msf /(s) > set ACTION < action-name >
msf /(s) > show options
...show and set options...
msf /(s) > run
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.