Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2011-3192

Опубликовано: 20 авг. 2011
Источник: redhat
CVSS2: 5

Описание

The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.

Отчет

Before updated packages are deployed, users can deploy configuration changes to mitigate this flaw: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3192#c18

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Application Stack v2 for Enterprise LinuxhttpdAffected
Red Hat Certificate System 7.3httpdAffected
Red Hat Directory Server 8httpdAffected
Red Hat Enterprise Linux Extended Update Support 5.3httpdAffected
Red Hat Enterprise Linux Extended Update Support 5.6httpdAffected
Red Hat Satellite 5.0rhn-apacheNot affected
Red Hat Satellite Proxy 5.0rhn-apacheNot affected
JBEWS 1.0 for RHEL 4httpd22FixedRHSA-2011:132921.09.2011
Red Hat Enterprise Linux 3 Extended Lifecycle SupporthttpdFixedRHSA-2011:130015.09.2011
Red Hat Enterprise Linux 4httpdFixedRHSA-2011:124531.08.2011

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
https://bugzilla.redhat.com/show_bug.cgi?id=732928httpd: multiple ranges DoS

5 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2011-3192

ubuntu
почти 14 лет назад

The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.

nvd логотип

CVE-2011-3192

nvd
почти 14 лет назад

The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.

debian логотип

CVE-2011-3192

debian
почти 14 лет назад

The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2. ...

github логотип

GHSA-r3pv-69hm-fcjw

github
около 3 лет назад

The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.

oracle-oval логотип

ELSA-2011-1245

oracle-oval
почти 14 лет назад

ELSA-2011-1245: httpd security update (IMPORTANT)

5 Medium

CVSS2