Byte Range說明參考RFC 2616:http://www.ietf.org/rfc/rfc2616.txt
14.35 Range ....................................................138 14.35.1 Byte Ranges ...........................................138 14.35.2 Range Retrieval Requests ..............................139
相關背景說明參考:
http://seclists.org/fulldisclosure/2011/Aug/175
http://lwn.net/Articles/456268/
http://httpd.apache.org/security/CVE-2011-3192.txt
step1. telnet port 80
#telnet 127.0.0.1 80
ste2. input test http header
HEAD / HTTP/1.1回應 200 OK為正常
Host: 127.0.0.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Accept-Charset: iso-8859-1,utf-8;q=0.9,*;q=0.1
Pragma: no-cache
Request-Range: bytes=5-0,1-1,2-2,3-3,4-4,5-5,6-6,7-7,8-8,9-9,10-10
Accept-Language: en
Connection: Keep-Alive
Range: bytes=5-0,1-1,2-2,3-3,4-4,5-5,6-6,7-7,8-8,9-9,10-10
HTTP/1.1 200 OK回應206且下方回傳byteranges即為存在。
Date: Mon, 10 Sep 2012 05:25:05 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2011 09:46:23 GMT
ETag: "d019a-5e-4b523df60f9c0"
Accept-Ranges: bytes
Content-Length: 94
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/html
HTTP/1.1 206 Partial Content
Date: Mon, 10 Sep 2012 05:25:55 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2011 09:46:23 GMT
ETag: "13d05a1-5e-df60f9c0"
Accept-Ranges: bytes
Content-Length: 827
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: multipart/x-byteranges; boundary=4c9523120ba4d4181
how to fix.
upgrade apache to 2.2.20 or later.
or http://httpd.apache.org/security/CVE-2011-3192.txt
0 意見:
張貼留言