Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2011-3192
Description:The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
Test IDs: 1.3.6.1.4.1.25623.1.0.70233   1.3.6.1.4.1.25623.1.0.70253   1.3.6.1.4.1.25623.1.0.70089   1.3.6.1.4.1.25623.1.0.70283   1.3.6.1.4.1.25623.1.0.70235   1.3.6.1.4.1.25623.1.0.70355   1.3.6.1.4.1.25623.1.0.70315   1.3.6.1.4.1.25623.1.0.70308   1.3.6.1.4.1.25623.1.0.70449   1.3.6.1.4.1.25623.1.0.70513   1.3.6.1.4.1.25623.1.0.70451   1.3.6.1.4.1.25623.1.0.70918   1.3.6.1.4.1.25623.1.0.901203   1.3.6.1.4.1.25623.1.0.71874   1.3.6.1.4.1.25623.1.0.71923   1.3.6.1.4.1.25623.1.0.71958   1.3.6.1.4.1.25623.1.0.122095   1.3.6.1.4.1.25623.1.0.122068   1.3.6.1.4.1.25623.1.0.880970   1.3.6.1.4.1.25623.1.0.120518   1.3.6.1.4.1.25623.1.0.831491   1.3.6.1.4.1.25623.1.0.870487   1.3.6.1.4.1.25623.1.0.881020   1.3.6.1.4.1.25623.1.0.881032   1.3.6.1.4.1.25623.1.0.870617   1.3.6.1.4.1.25623.1.0.881394   1.3.6.1.4.1.25623.1.0.840734   1.3.6.1.4.1.25623.1.0.881450   1.3.6.1.4.1.25623.1.0.870479   1.3.6.1.4.1.25623.1.0.870505   1.3.6.1.4.1.25623.1.0.863892   1.3.6.1.4.1.25623.1.0.881436  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2011-3192
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
BugTraq ID: 49303
http://www.securityfocus.com/bid/49303
CERT/CC vulnerability note: VU#405811
http://www.kb.cert.org/vuls/id/405811
Cisco Security Advisory: 20110830 Apache HTTPd Range Header Denial of Service Vulnerability
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b90d73.shtml
http://www.exploit-db.com/exploits/17696
http://seclists.org/fulldisclosure/2011/Aug/175
http://archives.neohapsis.com/archives/fulldisclosure/2011-08/0285.html
HPdes Security Advisory: HPSBMU02704
http://marc.info/?l=bugtraq&m=132033751509019&w=2
HPdes Security Advisory: HPSBMU02766
http://marc.info/?l=bugtraq&m=133477473521382&w=2
HPdes Security Advisory: HPSBMU02776
http://marc.info/?l=bugtraq&m=133951357207000&w=2
HPdes Security Advisory: HPSBOV02822
http://marc.info/?l=bugtraq&m=134987041210674&w=2
HPdes Security Advisory: HPSBUX02702
http://marc.info/?l=bugtraq&m=131551295528105&w=2
HPdes Security Advisory: HPSBUX02707
http://marc.info/?l=bugtraq&m=131731002122529&w=2
HPdes Security Advisory: SSRT100606
http://marc.info/?l=bugtraq&m=131551295528105&w=2
HPdes Security Advisory: SSRT100619
http://marc.info/?l=bugtraq&m=132033751509019&w=2
HPdes Security Advisory: SSRT100624
http://marc.info/?l=bugtraq&m=133477473521382&w=2
HPdes Security Advisory: SSRT100626
http://marc.info/?l=bugtraq&m=131731002122529&w=2
HPdes Security Advisory: SSRT100852
http://marc.info/?l=bugtraq&m=133951357207000&w=2
HPdes Security Advisory: SSRT100966
http://marc.info/?l=bugtraq&m=134987041210674&w=2
http://www.mandriva.com/security/advisories?name=MDVSA-2011:130
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110824161640.122D387DD@minotaur.apache.org%3e
http://mail-archives.apache.org/mod_mbox/httpd-dev/201108.mbox/%3cCAAPSnn2PO-d-C4nQt_TES2RRWiZr7urefhTKPWBC1b+K1Dqc7g@mail.gmail.com%3e
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E
http://osvdb.org/74721
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14762
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14824
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18827
RedHat Security Advisories: RHSA-2011:1245
http://www.redhat.com/support/errata/RHSA-2011-1245.html
RedHat Security Advisories: RHSA-2011:1294
http://www.redhat.com/support/errata/RHSA-2011-1294.html
RedHat Security Advisories: RHSA-2011:1300
http://www.redhat.com/support/errata/RHSA-2011-1300.html
RedHat Security Advisories: RHSA-2011:1329
http://www.redhat.com/support/errata/RHSA-2011-1329.html
RedHat Security Advisories: RHSA-2011:1330
http://www.redhat.com/support/errata/RHSA-2011-1330.html
RedHat Security Advisories: RHSA-2011:1369
http://www.redhat.com/support/errata/RHSA-2011-1369.html
http://securitytracker.com/id?1025960
http://secunia.com/advisories/45606
http://secunia.com/advisories/45937
http://secunia.com/advisories/46000
http://secunia.com/advisories/46125
http://secunia.com/advisories/46126
SuSE Security Announcement: SUSE-SU-2011:1000 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html
SuSE Security Announcement: SUSE-SU-2011:1007 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00010.html
SuSE Security Announcement: SUSE-SU-2011:1010 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00011.html
SuSE Security Announcement: SUSE-SU-2011:1216 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html
SuSE Security Announcement: SUSE-SU-2011:1229 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html
SuSE Security Announcement: openSUSE-SU-2011:0993 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00006.html
http://www.ubuntu.com/usn/USN-1199-1
XForce ISS Database: apache-http-byterange-dos(69396)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69396




© 1998-2021 E-Soft Inc. All rights reserved.