Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 7.8
CVE Id CVE-2011-3192
Last Modified 15 Nov 2013 12:33:04
Published 29 Aug 2011 11:55:02
Confidentiality Impact NONE
Integrity Impact NONE
Availability Impact COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-3192

Summary

The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a single Range header that expresses many overlapping ranges, as exploited in the wild in August 2011; this is a different vulnerability from CVE-2007-0086. No authentication is required and a single request is sufficient, which is why the CVSS vector is network/low/none with complete availability impact. The Apache project fixed the issue in httpd 2.2.20 (with 2.2.21 correcting regressions in that fix); the 1.3 branch was already end-of-life when the advisory was published, so systems still on 1.3 depend on the configuration-level workarounds in the referenced advisory.
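As an added example (not code from this page, the Apache project or any of the referenced advisories): a Range-header filter that a reverse proxy or WAF could apply in front of an unpatched server. It follows the approach the Apache advisory in the references took for its configuration-level workaround, which dropped Range headers carrying more than five ranges, and additionally rejects headers whose ranges overlap, the condition named in the summary. The five-range limit, the overlap policy, the function names and the sample headers are assumptions made for this example; the long header produced by overlapping_range_header() is constructed test input, not the exploit referenced below.

```python
# Added example: Range-header filter for CVE-2011-3192-style requests.
# Not from the Lumension page or the Apache project; MAX_RANGES and the
# overlap policy are assumptions chosen for this example.
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

MAX_RANGES = 5  # assumed policy threshold, matching the advisory's workaround

# byte-range-spec        = first-byte-pos "-" [last-byte-pos]
# suffix-byte-range-spec = "-" suffix-length
_SPEC = re.compile(r"^\s*(\d*)\s*-\s*(\d*)\s*$")


@dataclass
class RangeVerdict:
    accepted: bool      # True: forward the header; False: strip it or reject the request
    reason: str
    count: int          # number of byte-range-specs in the header
    overlapping: bool


def parse_ranges(header_value: str) -> Optional[List[Tuple[Optional[int], Optional[int]]]]:
    """Parse 'bytes=a-b,c-,-n' into (first, last) tuples.

    (a, b)    -> closed range a..b
    (c, None) -> from c to end of representation
    (None, n) -> last n bytes (suffix form)
    Returns None when any spec is malformed.
    """
    value = header_value.strip()
    if not value.lower().startswith("bytes="):
        return None
    out = []
    for spec in value[len("bytes="):].split(","):
        m = _SPEC.match(spec)
        if not m or (m.group(1) == "" and m.group(2) == ""):
            return None
        first = int(m.group(1)) if m.group(1) else None
        last = int(m.group(2)) if m.group(2) else None
        if first is not None and last is not None and last < first:
            return None  # last-byte-pos < first-byte-pos is syntactically invalid
        out.append((first, last))
    return out


def resolve(ranges, content_length: int) -> List[Tuple[int, int]]:
    """Map each spec onto absolute [start, end] offsets inside content_length bytes."""
    absolute = []
    for first, last in ranges:
        if first is None:                     # suffix form: last N bytes
            start, end = max(0, content_length - last), content_length - 1
        else:
            start = first
            end = content_length - 1 if last is None else min(last, content_length - 1)
        if start <= end:                      # unsatisfiable specs are skipped
            absolute.append((start, end))
    return absolute


def has_overlap(absolute: List[Tuple[int, int]]) -> bool:
    """True if any two resolved ranges share a byte (sorted sweep)."""
    prev_end = -1
    for start, end in sorted(absolute):
        if start <= prev_end:
            return True
        prev_end = max(prev_end, end)
    return False


def check_range_header(header_value: str, content_length: int) -> RangeVerdict:
    """Decide whether a Range header is safe to pass to the origin server."""
    if not header_value.strip().lower().startswith("bytes="):
        return RangeVerdict(True, "non-byte range unit, ignored", 0, False)
    count = header_value.count(",") + 1       # cheap pre-check, like the advisory's SetEnvIf
    if count > MAX_RANGES:
        return RangeVerdict(False, f"{count} ranges exceeds limit of {MAX_RANGES}", count, False)
    ranges = parse_ranges(header_value)
    if ranges is None:
        return RangeVerdict(False, "malformed byte-range-spec", count, False)
    if has_overlap(resolve(ranges, content_length)):
        return RangeVerdict(False, "overlapping ranges", count, True)
    return RangeVerdict(True, "ok", count, False)


def overlapping_range_header(n: int) -> str:
    """Constructed test input: n ranges that all start at byte 0 and so all overlap."""
    return "bytes=" + ",".join(f"0-{k}" for k in range(n))


if __name__ == "__main__":
    samples = [                               # constructed sample headers
        ("bytes=0-499", 1000),
        ("bytes=0-99,200-299,-100", 1000),
        ("bytes=0-99,50-149", 1000),
        ("bytes=0-99,abc", 1000),
        (overlapping_range_header(1300), 1000),
    ]
    for header, length in samples:
        v = check_range_header(header, length)
        shown = header if len(header) < 40 else header[:37] + "..."
        print(f"{shown:40} accepted={v.accepted} count={v.count} reason={v.reason}")
```

The count check runs before any parsing so that a header with thousands of ranges is rejected in constant time; the overlap sweep only runs on headers that already passed the count limit, which keeps the filter itself from becoming a CPU sink on the same input it is meant to block.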

Vulnerable Systems

Application

  • Apache Http Server 1.3
  • Apache Http Server 1.3.0
  • Apache Http Server 1.3.1
  • Apache Http Server 1.3.1.1
  • Apache Http Server 1.3.10
  • Apache Http Server 1.3.11
  • Apache Http Server 1.3.12
  • Apache Http Server 1.3.13
  • Apache Http Server 1.3.14
  • Apache Http Server 1.3.15
  • Apache Http Server 1.3.16
  • Apache Http Server 1.3.17
  • Apache Http Server 1.3.18
  • Apache Http Server 1.3.19
  • Apache Http Server 1.3.2
  • Apache Http Server 1.3.20
  • Apache Http Server 1.3.22
  • Apache Http Server 1.3.23
  • Apache Http Server 1.3.24
  • Apache Http Server 1.3.25
  • Apache Http Server 1.3.26
  • Apache Http Server 1.3.27
  • Apache Http Server 1.3.28
  • Apache Http Server 1.3.29
  • Apache Http Server 1.3.3
  • Apache Http Server 1.3.30
  • Apache Http Server 1.3.31
  • Apache Http Server 1.3.32
  • Apache Http Server 1.3.33
  • Apache Http Server 1.3.34
  • Apache Http Server 1.3.35
  • Apache Http Server 1.3.36
  • Apache Http Server 1.3.37
  • Apache Http Server 1.3.38
  • Apache Http Server 1.3.39
  • Apache Http Server 1.3.4
  • Apache Http Server 1.3.41
  • Apache Http Server 1.3.42
  • Apache Http Server 1.3.5
  • Apache Http Server 1.3.6
  • Apache Http Server 1.3.65
  • Apache Http Server 1.3.68
  • Apache Http Server 1.3.7
  • Apache Http Server 1.3.8
  • Apache Http Server 1.3.9
  • Apache Http Server 2.0
  • Apache Http Server 2.0.28
  • Apache Http Server 2.0.32
  • Apache Http Server 2.0.34
  • Apache Http Server 2.0.35
  • Apache Http Server 2.0.36
  • Apache Http Server 2.0.37
  • Apache Http Server 2.0.38
  • Apache Http Server 2.0.39
  • Apache Http Server 2.0.40
  • Apache Http Server 2.0.41
  • Apache Http Server 2.0.42
  • Apache Http Server 2.0.43
  • Apache Http Server 2.0.44
  • Apache Http Server 2.0.45
  • Apache Http Server 2.0.46
  • Apache Http Server 2.0.47
  • Apache Http Server 2.0.48
  • Apache Http Server 2.0.49
  • Apache Http Server 2.0.50
  • Apache Http Server 2.0.51
  • Apache Http Server 2.0.52
  • Apache Http Server 2.0.53
  • Apache Http Server 2.0.54
  • Apache Http Server 2.0.55
  • Apache Http Server 2.0.56
  • Apache Http Server 2.0.57
  • Apache Http Server 2.0.58
  • Apache Http Server 2.0.59
  • Apache Http Server 2.0.60
  • Apache Http Server 2.0.61
  • Apache Http Server 2.0.63
  • Apache Http Server 2.0.64
  • Apache Http Server 2.0.9
  • Apache Http Server 2.2.0
  • Apache Http Server 2.2.1
  • Apache Http Server 2.2.10
  • Apache Http Server 2.2.11
  • Apache Http Server 2.2.12
  • Apache Http Server 2.2.13
  • Apache Http Server 2.2.14
  • Apache Http Server 2.2.15
  • Apache Http Server 2.2.16
  • Apache Http Server 2.2.18
  • Apache Http Server 2.2.19
  • Apache Http Server 2.2.2
  • Apache Http Server 2.2.3
  • Apache Http Server 2.2.4
  • Apache Http Server 2.2.6
  • Apache Http Server 2.2.8
  • Apache Http Server 2.2.9


References

CERT-VN - VU#405811
MLIST - [dev] 20110823 Re: DoS with mod_deflate & range requests
CONFIRM - https://issues.apache.org/bugzilla/show_bug.cgi?id=51714
CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=732928
XF - apache-http-byterange-dos(69396)
UBUNTU - USN-1199-1
BID - 49303
REDHAT - RHSA-2011:1369
REDHAT - RHSA-2011:1330
REDHAT - RHSA-2011:1329
REDHAT - RHSA-2011:1300
REDHAT - RHSA-2011:1294
REDHAT - RHSA-2011:1245
CONFIRM - http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html
CONFIRM - http://www.oracle.com/technetwork/topics/security/alert-cve-2011-3192-485304.html
MANDRIVA - MDVSA-2011:130
CONFIRM - http://www.gossamer-threads.com/lists/apache/dev/401638
EXPLOIT-DB - 17696
CISCO - 20110830 Apache HTTPd Range Header Denial of Service Vulnerability
CONFIRM - http://www.apache.org/dist/httpd/Announcement2.2.html
CONFIRM - http://support.apple.com/kb/HT5002
SECTRACK - 1025960
SECUNIA - 46126
SECUNIA - 46125
SECUNIA - 46000
SECUNIA - 45937
SECUNIA - 45606
FULLDISC - 20110820 Apache Killer
OSVDB - 74721
HP - HPSBUX02707
HP - SSRT100626
HP - HPSBUX02702
HP - SSRT100606
MLIST - [announce] 20110824 Advisory: Range header DoS vulnerability Apache HTTPD 1.3/2.x (CVE-2011-3192)
SUSE - SUSE-SU-2011:1010
SUSE - SUSE-SU-2011:1007
SUSE - SUSE-SU-2011:1000
SUSE - openSUSE-SU-2011:0993
APPLE - APPLE-SA-2011-10-12-3
CONFIRM - http://blogs.oracle.com/security/entry/security_alert_for_cve_2011
FULLDISC - 20110824 Re: Apache Killer
HP - HPSBMU02704
SUSE - SUSE-SU-2011:1229
SUSE - SUSE-SU-2011:1216
CONFIRM - http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
CONFIRM - http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
HP - HPSBOV02822
HP - SSRT100966
MANDRIVA - MDVSA-2013:150

Related Patches

Apple 2011-10-12 Mac OS X 10.7.2 Combo Update
Apple 2011-10-12 Mac OS X Server 10.7.2 Update
Apple 2011-10-12 Mac OS X 10.7.2 Update
Apple 2011-10-12 Mac OS X Server 10.7.2 Combo Update
Apple 2011-10-12 Security Update 2011-006 (Snow Leopard)
Apple 2011-10-12 Security Update 2011-006 Server (Snow Leopard)


Last Updated: 27 May 2016 10:57:21