Amazon Linux AMI Security Advisory: ALAS-2011-1
Advisory Release Date: 2011-09-27 22:46 Pacific
Advisory Updated Date: 2014-09-14 14:25 Pacific
The Apache HTTP Server is a popular web server.
A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially-crafted Range header. (CVE-2011-3192)
All httpd users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
Run yum update httpd to update your system.