vulnerability alert CVE-2009-1891

Apache httpd: denial of service of mod_deflate

Synthesis of the vulnerability

An attacker can force the mod_deflate module of Apache httpd to consume CPU resources.
Severity: 3/4.
Creation date: 09/07/2009.

Description of the vulnerability

The mod_deflate module of Apache httpd compresses data with the gzip algorithm. For example, it can be used to compress selected MIME types (extract from the configuration file):
  AddOutputFilterByType DEFLATE text/html text/plain text/xml

When a client requests a text file, the module of the web server compresses it, then sends the result to the client, which decompresses it.

However, if the client interrupts its TCP session during the compression, the module continues to compress the file. The server thus keeps consuming resources for nothing.

An attacker can therefore request several files to be compressed, in order to force the mod_deflate module to consume CPU resources.
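
The behaviour described above can be reproduced in a simplified model, given here as an added example that is not Apache httpd code. The names `Connection` and `serve`, the chunk size and the sample body are hypothetical; the model compares a compression loop that ignores a closed session with one that checks the session before each chunk.

```python
import zlib

CHUNK = 8192  # bytes handed to the compressor per step (assumed value)


class Connection:
    """Hypothetical stand-in for a client TCP session."""

    def __init__(self, abort_after_chunks):
        self.abort_after_chunks = abort_after_chunks
        self.sent_chunks = 0
        self.aborted = False

    def send(self, data):
        # Once the client has gone away, writes are dropped.
        if self.aborted:
            return
        self.sent_chunks += 1
        if self.sent_chunks >= self.abort_after_chunks:
            self.aborted = True  # client closes its session mid-response


def serve(body, conn, check_abort):
    """Compress body chunk by chunk; return how many chunks were compressed."""
    comp = zlib.compressobj(6, zlib.DEFLATED, 16 + zlib.MAX_WBITS)  # gzip framing
    compressed = 0
    for off in range(0, len(body), CHUNK):
        if check_abort and conn.aborted:
            break  # hardened loop: no more CPU spent for a client that left
        out = comp.compress(body[off:off + CHUNK])
        compressed += 1
        conn.send(out)
    return compressed


def demo():
    body = b"<p>constructed sample text</p>\n" * 40000  # constructed input
    total = -(-len(body) // CHUNK)  # ceiling division: chunks in the file
    vulnerable = serve(body, Connection(abort_after_chunks=2), check_abort=False)
    hardened = serve(body, Connection(abort_after_chunks=2), check_abort=True)
    return total, vulnerable, hardened


if __name__ == "__main__":
    print("chunks total / compressed without check / with check:", demo())
```

In the loop without the check, every chunk of the file is compressed even though the client left after the second one; with the check, work stops at the point where the session closed.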

Complete Vigil@nce bulletin

Characteristics

Keywords: AddOutputFilterByType Apache CPU DEFLATE MIME TCP denial httpd mod_deflate service.
Identifiers: 8812, BID-35623, c02579879, CERTA-2009-AVI-529, CVE-2009-1891, DSA 1834-1, DSA 1834-2, HPSBUX02612, MDVSA-2009:149, MDVSA-2009:168, MDVSA-2009:323, PK87176, PK88341, PK88342, PK91361, PK99477, PK99478, PK99480, RHSA-2009:1148-01, RHSA-2009:1155-01, RHSA-2009:1156-01, RHSA-2009:1160-01, RHSA-2009:1205-01, RHSA-2009:1580-02, RHSA-2010:0602-02, SSA:2009-214-01, SSRT100345, SUSE-SA:2009:050, TLSA-2009-21, TLSA-2009-30, VIGILANCE-VUL-8851.

Copyright 1999-2012 Vigil@nce. Vigil@nce is a service from Orange Business Services.