ID

VAR-201108-0132


CVE

CVE-2011-3192


TITLE

Apache HTTPD 1.3/2.x Range header DoS vulnerability

Trust: 0.8

sources: CERT/CC: VU#405811

DESCRIPTION

The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086. Both the 'Range' header and the 'Range-Request' header are vulnerable. The attack tool causes a significant increase in CPU and memory usage on the server. Apache HTTPD The server has a service disruption (DoS) Vulnerabilities exist. Apache HTTPD The server Range Header and Request-Range There is a problem with header processing, and service operation is interrupted. (DoS) Vulnerabilities exist. Attacks using this vulnerability have been observed. Also, "Apache Killer" The attack tool called is released. Apache The advisory states that: "Background and the 2007 report There are two aspects to this vulnerability. One is new, is Apache specific; and resolved with this server side fix. The other issue is fundamentally a protocol design issue dating back to 2007: http://seclists.org/bugtraq/2007/Jan/83 The contemporary interpretation of the HTTP protocol (currently) requires a server to return multiple (overlapping) ranges; in the order requested. This means that one can request a very large range (e.g. from byte 0- to the end) 100's of times in a single request. Being able to do so is an issue for (probably all) webservers and currently subject of an IETF discussion to change the protocol: http://trac.tools.ietf.org/wg/httpbis/trac/ticket/311 This advisory details a problem with how Apache httpd and its so called internal 'bucket brigades' deal with serving such "valid" request. The problem is that currently such requests internally explode into 100's of large fetches, all of which are kept in memory in an inefficient way. This is being addressed in two ways. By making things more efficient. And by weeding out or simplifying requests deemed too unwieldy."Service disruption by a remote third party (DoS) There is a possibility of being attacked. Summary: Updated httpd packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64 3. (CVE-2011-3192) All httpd users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 732928 - CVE-2011-3192 httpd: multiple ranges DoS 6. Package List: Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/httpd-2.0.52-48.ent.src.rpm i386: httpd-2.0.52-48.ent.i386.rpm httpd-debuginfo-2.0.52-48.ent.i386.rpm httpd-devel-2.0.52-48.ent.i386.rpm httpd-manual-2.0.52-48.ent.i386.rpm httpd-suexec-2.0.52-48.ent.i386.rpm mod_ssl-2.0.52-48.ent.i386.rpm ia64: httpd-2.0.52-48.ent.ia64.rpm httpd-debuginfo-2.0.52-48.ent.ia64.rpm httpd-devel-2.0.52-48.ent.ia64.rpm httpd-manual-2.0.52-48.ent.ia64.rpm httpd-suexec-2.0.52-48.ent.ia64.rpm mod_ssl-2.0.52-48.ent.ia64.rpm ppc: httpd-2.0.52-48.ent.ppc.rpm httpd-debuginfo-2.0.52-48.ent.ppc.rpm httpd-devel-2.0.52-48.ent.ppc.rpm httpd-manual-2.0.52-48.ent.ppc.rpm httpd-suexec-2.0.52-48.ent.ppc.rpm mod_ssl-2.0.52-48.ent.ppc.rpm s390: httpd-2.0.52-48.ent.s390.rpm httpd-debuginfo-2.0.52-48.ent.s390.rpm httpd-devel-2.0.52-48.ent.s390.rpm httpd-manual-2.0.52-48.ent.s390.rpm httpd-suexec-2.0.52-48.ent.s390.rpm mod_ssl-2.0.52-48.ent.s390.rpm s390x: httpd-2.0.52-48.ent.s390x.rpm httpd-debuginfo-2.0.52-48.ent.s390x.rpm httpd-devel-2.0.52-48.ent.s390x.rpm httpd-manual-2.0.52-48.ent.s390x.rpm httpd-suexec-2.0.52-48.ent.s390x.rpm mod_ssl-2.0.52-48.ent.s390x.rpm x86_64: httpd-2.0.52-48.ent.x86_64.rpm httpd-debuginfo-2.0.52-48.ent.x86_64.rpm httpd-devel-2.0.52-48.ent.x86_64.rpm httpd-manual-2.0.52-48.ent.x86_64.rpm httpd-suexec-2.0.52-48.ent.x86_64.rpm mod_ssl-2.0.52-48.ent.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/httpd-2.0.52-48.ent.src.rpm i386: httpd-2.0.52-48.ent.i386.rpm httpd-debuginfo-2.0.52-48.ent.i386.rpm httpd-devel-2.0.52-48.ent.i386.rpm httpd-manual-2.0.52-48.ent.i386.rpm httpd-suexec-2.0.52-48.ent.i386.rpm mod_ssl-2.0.52-48.ent.i386.rpm x86_64: httpd-2.0.52-48.ent.x86_64.rpm httpd-debuginfo-2.0.52-48.ent.x86_64.rpm httpd-devel-2.0.52-48.ent.x86_64.rpm httpd-manual-2.0.52-48.ent.x86_64.rpm httpd-suexec-2.0.52-48.ent.x86_64.rpm mod_ssl-2.0.52-48.ent.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/httpd-2.0.52-48.ent.src.rpm i386: httpd-2.0.52-48.ent.i386.rpm httpd-debuginfo-2.0.52-48.ent.i386.rpm httpd-devel-2.0.52-48.ent.i386.rpm httpd-manual-2.0.52-48.ent.i386.rpm httpd-suexec-2.0.52-48.ent.i386.rpm mod_ssl-2.0.52-48.ent.i386.rpm ia64: httpd-2.0.52-48.ent.ia64.rpm httpd-debuginfo-2.0.52-48.ent.ia64.rpm httpd-devel-2.0.52-48.ent.ia64.rpm httpd-manual-2.0.52-48.ent.ia64.rpm httpd-suexec-2.0.52-48.ent.ia64.rpm mod_ssl-2.0.52-48.ent.ia64.rpm x86_64: httpd-2.0.52-48.ent.x86_64.rpm httpd-debuginfo-2.0.52-48.ent.x86_64.rpm httpd-devel-2.0.52-48.ent.x86_64.rpm httpd-manual-2.0.52-48.ent.x86_64.rpm httpd-suexec-2.0.52-48.ent.x86_64.rpm mod_ssl-2.0.52-48.ent.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/httpd-2.0.52-48.ent.src.rpm i386: httpd-2.0.52-48.ent.i386.rpm httpd-debuginfo-2.0.52-48.ent.i386.rpm httpd-devel-2.0.52-48.ent.i386.rpm httpd-manual-2.0.52-48.ent.i386.rpm httpd-suexec-2.0.52-48.ent.i386.rpm mod_ssl-2.0.52-48.ent.i386.rpm ia64: httpd-2.0.52-48.ent.ia64.rpm httpd-debuginfo-2.0.52-48.ent.ia64.rpm httpd-devel-2.0.52-48.ent.ia64.rpm httpd-manual-2.0.52-48.ent.ia64.rpm httpd-suexec-2.0.52-48.ent.ia64.rpm mod_ssl-2.0.52-48.ent.ia64.rpm x86_64: httpd-2.0.52-48.ent.x86_64.rpm httpd-debuginfo-2.0.52-48.ent.x86_64.rpm httpd-devel-2.0.52-48.ent.x86_64.rpm httpd-manual-2.0.52-48.ent.x86_64.rpm httpd-suexec-2.0.52-48.ent.x86_64.rpm mod_ssl-2.0.52-48.ent.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/httpd-2.2.3-53.el5_7.1.src.rpm i386: httpd-2.2.3-53.el5_7.1.i386.rpm httpd-debuginfo-2.2.3-53.el5_7.1.i386.rpm mod_ssl-2.2.3-53.el5_7.1.i386.rpm x86_64: httpd-2.2.3-53.el5_7.1.x86_64.rpm httpd-debuginfo-2.2.3-53.el5_7.1.x86_64.rpm mod_ssl-2.2.3-53.el5_7.1.x86_64.rpm RHEL Desktop Workstation (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/httpd-2.2.3-53.el5_7.1.src.rpm i386: httpd-debuginfo-2.2.3-53.el5_7.1.i386.rpm httpd-devel-2.2.3-53.el5_7.1.i386.rpm httpd-manual-2.2.3-53.el5_7.1.i386.rpm x86_64: httpd-debuginfo-2.2.3-53.el5_7.1.i386.rpm httpd-debuginfo-2.2.3-53.el5_7.1.x86_64.rpm httpd-devel-2.2.3-53.el5_7.1.i386.rpm httpd-devel-2.2.3-53.el5_7.1.x86_64.rpm httpd-manual-2.2.3-53.el5_7.1.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/httpd-2.2.3-53.el5_7.1.src.rpm i386: httpd-2.2.3-53.el5_7.1.i386.rpm httpd-debuginfo-2.2.3-53.el5_7.1.i386.rpm httpd-devel-2.2.3-53.el5_7.1.i386.rpm httpd-manual-2.2.3-53.el5_7.1.i386.rpm mod_ssl-2.2.3-53.el5_7.1.i386.rpm ia64: httpd-2.2.3-53.el5_7.1.ia64.rpm httpd-debuginfo-2.2.3-53.el5_7.1.ia64.rpm httpd-devel-2.2.3-53.el5_7.1.ia64.rpm httpd-manual-2.2.3-53.el5_7.1.ia64.rpm mod_ssl-2.2.3-53.el5_7.1.ia64.rpm ppc: httpd-2.2.3-53.el5_7.1.ppc.rpm httpd-debuginfo-2.2.3-53.el5_7.1.ppc.rpm httpd-debuginfo-2.2.3-53.el5_7.1.ppc64.rpm httpd-devel-2.2.3-53.el5_7.1.ppc.rpm httpd-devel-2.2.3-53.el5_7.1.ppc64.rpm httpd-manual-2.2.3-53.el5_7.1.ppc.rpm mod_ssl-2.2.3-53.el5_7.1.ppc.rpm s390x: httpd-2.2.3-53.el5_7.1.s390x.rpm httpd-debuginfo-2.2.3-53.el5_7.1.s390.rpm httpd-debuginfo-2.2.3-53.el5_7.1.s390x.rpm httpd-devel-2.2.3-53.el5_7.1.s390.rpm httpd-devel-2.2.3-53.el5_7.1.s390x.rpm httpd-manual-2.2.3-53.el5_7.1.s390x.rpm mod_ssl-2.2.3-53.el5_7.1.s390x.rpm x86_64: httpd-2.2.3-53.el5_7.1.x86_64.rpm httpd-debuginfo-2.2.3-53.el5_7.1.i386.rpm httpd-debuginfo-2.2.3-53.el5_7.1.x86_64.rpm httpd-devel-2.2.3-53.el5_7.1.i386.rpm httpd-devel-2.2.3-53.el5_7.1.x86_64.rpm httpd-manual-2.2.3-53.el5_7.1.x86_64.rpm mod_ssl-2.2.3-53.el5_7.1.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/httpd-2.2.15-9.el6_1.2.src.rpm i386: httpd-2.2.15-9.el6_1.2.i686.rpm httpd-debuginfo-2.2.15-9.el6_1.2.i686.rpm httpd-tools-2.2.15-9.el6_1.2.i686.rpm x86_64: httpd-2.2.15-9.el6_1.2.x86_64.rpm httpd-debuginfo-2.2.15-9.el6_1.2.x86_64.rpm httpd-tools-2.2.15-9.el6_1.2.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/httpd-2.2.15-9.el6_1.2.src.rpm i386: httpd-debuginfo-2.2.15-9.el6_1.2.i686.rpm httpd-devel-2.2.15-9.el6_1.2.i686.rpm mod_ssl-2.2.15-9.el6_1.2.i686.rpm noarch: httpd-manual-2.2.15-9.el6_1.2.noarch.rpm x86_64: httpd-debuginfo-2.2.15-9.el6_1.2.i686.rpm httpd-debuginfo-2.2.15-9.el6_1.2.x86_64.rpm httpd-devel-2.2.15-9.el6_1.2.i686.rpm httpd-devel-2.2.15-9.el6_1.2.x86_64.rpm mod_ssl-2.2.15-9.el6_1.2.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/httpd-2.2.15-9.el6_1.2.src.rpm x86_64: httpd-2.2.15-9.el6_1.2.x86_64.rpm httpd-debuginfo-2.2.15-9.el6_1.2.x86_64.rpm httpd-tools-2.2.15-9.el6_1.2.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/httpd-2.2.15-9.el6_1.2.src.rpm noarch: httpd-manual-2.2.15-9.el6_1.2.noarch.rpm x86_64: httpd-debuginfo-2.2.15-9.el6_1.2.i686.rpm httpd-debuginfo-2.2.15-9.el6_1.2.x86_64.rpm httpd-devel-2.2.15-9.el6_1.2.i686.rpm httpd-devel-2.2.15-9.el6_1.2.x86_64.rpm mod_ssl-2.2.15-9.el6_1.2.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/httpd-2.2.15-9.el6_1.2.src.rpm i386: httpd-2.2.15-9.el6_1.2.i686.rpm httpd-debuginfo-2.2.15-9.el6_1.2.i686.rpm httpd-devel-2.2.15-9.el6_1.2.i686.rpm httpd-tools-2.2.15-9.el6_1.2.i686.rpm mod_ssl-2.2.15-9.el6_1.2.i686.rpm noarch: httpd-manual-2.2.15-9.el6_1.2.noarch.rpm ppc64: httpd-2.2.15-9.el6_1.2.ppc64.rpm httpd-debuginfo-2.2.15-9.el6_1.2.ppc.rpm httpd-debuginfo-2.2.15-9.el6_1.2.ppc64.rpm httpd-devel-2.2.15-9.el6_1.2.ppc.rpm httpd-devel-2.2.15-9.el6_1.2.ppc64.rpm httpd-tools-2.2.15-9.el6_1.2.ppc64.rpm mod_ssl-2.2.15-9.el6_1.2.ppc64.rpm s390x: httpd-2.2.15-9.el6_1.2.s390x.rpm httpd-debuginfo-2.2.15-9.el6_1.2.s390.rpm httpd-debuginfo-2.2.15-9.el6_1.2.s390x.rpm httpd-devel-2.2.15-9.el6_1.2.s390.rpm httpd-devel-2.2.15-9.el6_1.2.s390x.rpm httpd-tools-2.2.15-9.el6_1.2.s390x.rpm mod_ssl-2.2.15-9.el6_1.2.s390x.rpm x86_64: httpd-2.2.15-9.el6_1.2.x86_64.rpm httpd-debuginfo-2.2.15-9.el6_1.2.i686.rpm httpd-debuginfo-2.2.15-9.el6_1.2.x86_64.rpm httpd-devel-2.2.15-9.el6_1.2.i686.rpm httpd-devel-2.2.15-9.el6_1.2.x86_64.rpm httpd-tools-2.2.15-9.el6_1.2.x86_64.rpm mod_ssl-2.2.15-9.el6_1.2.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/httpd-2.2.15-9.el6_1.2.src.rpm i386: httpd-2.2.15-9.el6_1.2.i686.rpm httpd-debuginfo-2.2.15-9.el6_1.2.i686.rpm httpd-devel-2.2.15-9.el6_1.2.i686.rpm httpd-tools-2.2.15-9.el6_1.2.i686.rpm mod_ssl-2.2.15-9.el6_1.2.i686.rpm noarch: httpd-manual-2.2.15-9.el6_1.2.noarch.rpm x86_64: httpd-2.2.15-9.el6_1.2.x86_64.rpm httpd-debuginfo-2.2.15-9.el6_1.2.i686.rpm httpd-debuginfo-2.2.15-9.el6_1.2.x86_64.rpm httpd-devel-2.2.15-9.el6_1.2.i686.rpm httpd-devel-2.2.15-9.el6_1.2.x86_64.rpm httpd-tools-2.2.15-9.el6_1.2.x86_64.rpm mod_ssl-2.2.15-9.el6_1.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2011-3192.html https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03280632 Version: 2 HPSBMU02764 SSRT100827 rev.2 - HP System Management Homepage (SMH) Running on Linux and Windows, Remote Cross Site Request Forgery (CSRF), Denial of Service (DoS), Execution of Arbitrary Code, Other Vulnerabilities NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2012-04-16 Last Updated: 2012-04-19 Potential Security Impact: Remote cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, other vulnerabilities Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely and locally resulting in cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, and other vulnerabilities. References: CVE-2009-0037, CVE-2010-0734, CVE-2010-1452, CVE-2010-1623, CVE-2010-2068, CVE-2010-2791, CVE-2010-3436, CVE-2010-4409, CVE-2010-4645, CVE-2011-0014, CVE-2011-0195, CVE-2011-0419, CVE-2011-1148, CVE-2011-1153, CVE-2011-1464, CVE-2011-1467, CVE-2011-1468, CVE-2011-1470, CVE-2011-1471, CVE-2011-1928, CVE-2011-1938, CVE-2011-1945, CVE-2011-2192, CVE-2011-2202, CVE-2011-2483, CVE-2011-3182, CVE-2011-3189, CVE-2011-3192, CVE-2011-3267, CVE-2011-3268, CVE-2011-3207, CVE-2011-3210, CVE-2011-3348, CVE-2011-3368, CVE-2011-3639, CVE-2011-3846, SSRT100376, CVE-2012-0135, SSRT100609, CVE-2012-1993, SSRT10043 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP System Management Homepage (SMH) before v7.0 running on Linux and Windows. BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2009-0037 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2010-0734 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2010-1452 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2010-1623 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2010-2068 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2010-2791 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2010-3436 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2010-4409 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2010-4645 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-0014 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-0195 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2011-0419 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1148 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2011-1153 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2011-1464 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1467 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-1468 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1471 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1928 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1938 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2011-1945 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6 CVE-2011-2192 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2011-2202 (AV:N/AC:L/Au:N/C:N/I:P/A:P) 6.4 CVE-2011-2483 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2011-3182 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-3189 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2011-3192 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2011-3267 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-3268 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2011-3207 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2011-3210 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-3348 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-3368 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2011-3639 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2011-3846 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2012-0135 (AV:N/AC:M/Au:S/C:N/I:N/A:P) 3.5 CVE-2012-1993 (AV:L/AC:L/Au:S/C:P/I:P/A:N) 3.2 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 The Hewlett-Packard Company thanks Sow Ching Shiong coordinating with Secunia for reporting CVE-2011-3846 to security-alert@hp.com. The Hewlett-Packard Company thanks Silent Dream for reporting CVE-2012-0135 to security-alert@hp.com RESOLUTION HP has provided HP System Management Homepage v7.0 or subsequent to resolve the vulnerabilities. SMH v7.0 is available here: http://h18000.www1.hp.com/products/servers/management/agents/index.html HISTORY Version:1 (rev.1) 16 April 2012 Initial release Version:2 (rev.2) 19 April 2012 Remove CVE-2011-4317 Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430 Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2012 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. Furthermore various vendor updates, improved regexes (speed and accommodating a different and new attack pattern). Active use of this tool has been observed. The default Apache HTTPD installation is vulnerable. This advisory will be updated when a long term fix is available. A full fix is expected in the next 24 hours. Mitigation: =========== There are several immediate options to mitigate this issue until a full fix is available. Below examples handle both the 'Range' and the legacy 'Request-Range' with various levels of care. Note that 'Request-Range' is a legacy name dating back to Netscape Navigator 2-3 and MSIE 3. Depending on your user community - it is likely that you can use option '3' safely for this older 'Request-Range'. # CVE-2011-3192 SetEnvIf Range (?:,.*?){5,5} bad-range=1 RequestHeader unset Range env=bad-range # We always drop Request-Range; as this is a legacy # dating back to MSIE3 and Netscape 2 and 3. RequestHeader unset Request-Range # optional logging. CustomLog logs/range-CVE-2011-3192.log common env=bad-range CustomLog logs/range-CVE-2011-3192.log common env=bad-req-range Above may not work for all configurations. In particular situations mod_cache and (language) modules may act before the 'unset' is executed upon during the 'fixup' phase. # CVE-2011-3192 # RewriteEngine on RewriteCond %{HTTP:range} !(bytes=[^,]+(,[^,]+){0,4}$|^$) # RewriteCond %{HTTP:request-range} !(bytes=[^,]+(?:,[^,]+){0,4}$|^$) RewriteRule .* - [F] # We always drop Request-Range; as this is a legacy # dating back to MSIE3 and Netscape 2 and 3. RequestHeader unset Request-Range The number 5 is arbitrary. Several 10's should not be an issue and may be required for sites which for example serve PDFs to very high end eReaders or use things such complex http based video streaming. 2) Limit the size of the request field to a few hundred bytes. Note that while this keeps the offending Range header short - it may break other headers; such as sizeable cookies or security fields. LimitRequestFieldSize 200 Note that as the attack evolves in the field you are likely to have to further limit this and/or impose other LimitRequestFields limits. See: http://httpd.apache.org/docs/2.2/mod/core.html#limitrequestfieldsize 3) Use mod_headers to completely dis-allow the use of Range headers: RequestHeader unset Range Note that this may break certain clients - such as those used for e-Readers and progressive/http-streaming video. Furthermore to ignore the Netscape Navigator 2-3 and MSIE 3 specific legacy header - add: RequestHeader unset Request-Range Unlike the commonly used 'Range' header - dropping the 'Request-Range' is not likely to affect many clients. 4) Deploy a Range header count module as a temporary stopgap measure: http://people.apache.org/~dirkx/mod_rangecnt.c Precompiled binaries for some platforms are available at: http://people.apache.org/~dirkx/BINARIES.txt 5) Apply any of the current patches under discussion - such as: http://mail-archives.apache.org/mod_mbox/httpd-dev/201108.mbox/%3cCAAPSnn2PO-d-C4nQt_TES2RRWiZr7urefhTKPWBC1b+K1Dqc7g@mail.gmail.com%3e http://svn.apache.org/viewvc?view=revision&sortby=date&revision=1161534 OS and Vendor specific information ================================== Red Hat: Option 1 cannot be used on Red Hat Enterprise Linux 4. https://bugzilla.redhat.com/show_bug.cgi?id=732928 NetWare: Pre compiled binaries available. mod_security: Has updated their rule set; see http://blog.spiderlabs.com/2011/08/mitigation-of-apache-range-header-dos-attack.html Actions: ======== Apache HTTPD users who are concerned about a DoS attack against their server should consider implementing any of the above mitigations immediately. When using a third party attack tool to verify vulnerability - note that most of the versions in the wild currently check for the presence of mod_deflate; and will (mis)report that your server is not vulnerable if this module is not present. This vulnerability is not dependent on presence or absence of that module. Planning: ========= This advisory will be updated when new information, a patch or a new release is available. Note that, while popular, Apache 1.3 is deprecated. - -- end of advisory - update 2 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (Darwin) iEYEARECAAYFAk5Xdu8ACgkQ/W+IxiHQpxvN8ACgwsUJ6oYMq3SyoPHCR7rqsbP6 DFkAoKhZcF87F96h40tQdM1SZsiVX9N5 =07sc -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . Enjoy! * apache has been upgraded to the latest version (2.2.21) for 2011 _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192 _______________________________________________________________________ Updated Packages: Mandriva Linux 2011: 5c4825e4c63b4a06c68a5fd81517de71 2011/i586/apache-base-2.2.21-0.1-mdv2011.0.i586.rpm b5a00191b27804f9735643cdcd704b19 2011/i586/apache-conf-2.2.21-0.1-mdv2011.0.i586.rpm 49defd7efbb4a37ec49c01c7ef9c64aa 2011/i586/apache-devel-2.2.21-0.1-mdv2011.0.i586.rpm a023e40689777630df036eae1a84a475 2011/i586/apache-doc-2.2.21-0.1-mdv2011.0.noarch.rpm f03744bb74a3e0872cb08465799c3ee1 2011/i586/apache-htcacheclean-2.2.21-0.1-mdv2011.0.i586.rpm bb9efa66089deef66f9434b813d41a95 2011/i586/apache-mod_authn_dbd-2.2.21-0.1-mdv2011.0.i586.rpm bb334eb7fe43927ba7c6c9196b4e1fd1 2011/i586/apache-mod_cache-2.2.21-0.1-mdv2011.0.i586.rpm 086b5ed82c064b16964fff70bf9c841e 2011/i586/apache-mod_dav-2.2.21-0.1-mdv2011.0.i586.rpm 115008b2471e10ea01689dafe5c46bcd 2011/i586/apache-mod_dbd-2.2.21-0.1-mdv2011.0.i586.rpm 6b686ec6612ff8740d1e482faa06c544 2011/i586/apache-mod_deflate-2.2.21-0.1-mdv2011.0.i586.rpm 8c8f14074bc0dbbeb2b3890611f95c6b 2011/i586/apache-mod_disk_cache-2.2.21-0.1-mdv2011.0.i586.rpm b03569edc20c9393e0b5eea09f590368 2011/i586/apache-mod_file_cache-2.2.21-0.1-mdv2011.0.i586.rpm 343703d3822a6757e000edeebe7e0a06 2011/i586/apache-mod_ldap-2.2.21-0.1-mdv2011.0.i586.rpm 3457011403525d40e525716c4da8e477 2011/i586/apache-mod_mem_cache-2.2.21-0.1-mdv2011.0.i586.rpm 3d060145b3665ca4c0b309f812af9370 2011/i586/apache-mod_proxy-2.2.21-0.1-mdv2011.0.i586.rpm a0e00b0610eb5a8c5c57afabeafc07f8 2011/i586/apache-mod_proxy_ajp-2.2.21-0.1-mdv2011.0.i586.rpm dd4bb38bbc2997ca398fb37225eca371 2011/i586/apache-mod_proxy_scgi-2.2.21-0.1-mdv2011.0.i586.rpm 2966cdfddf02fa32447711af6a3046dd 2011/i586/apache-mod_reqtimeout-2.2.21-0.1-mdv2011.0.i586.rpm 48774d9c282dc476f35a0c8b2e821a7f 2011/i586/apache-mod_ssl-2.2.21-0.1-mdv2011.0.i586.rpm 7b832f85bd258abf0c7abb161f4028b4 2011/i586/apache-mod_suexec-2.2.21-0.1-mdv2011.0.i586.rpm 1c6b93eaa5b27477989bf82ea9a63685 2011/i586/apache-modules-2.2.21-0.1-mdv2011.0.i586.rpm 1e7dc0ee3fafae8a786be0cc164ebe4a 2011/i586/apache-mod_userdir-2.2.21-0.1-mdv2011.0.i586.rpm ab2d074f2dfe57a64b022d4e6b8254ab 2011/i586/apache-mpm-event-2.2.21-0.1-mdv2011.0.i586.rpm a22debf09366b64e236965a4091009e9 2011/i586/apache-mpm-itk-2.2.21-0.1-mdv2011.0.i586.rpm 174aed4327491b83f147f3b4e76bcd1f 2011/i586/apache-mpm-peruser-2.2.21-0.1-mdv2011.0.i586.rpm e141881c27496e7e74ad7f3f566a1bd2 2011/i586/apache-mpm-prefork-2.2.21-0.1-mdv2011.0.i586.rpm 97893069a3d6eb73e3773bc0ee78c9a4 2011/i586/apache-mpm-worker-2.2.21-0.1-mdv2011.0.i586.rpm fe530e2da15b3e0bf14c617824ff82c9 2011/i586/apache-source-2.2.21-0.1-mdv2011.0.i586.rpm 4376094cd799523a1a7666f4e768707d 2011/SRPMS/apache-2.2.21-0.1.src.rpm b37e2a1dafb6883a10cefb4140e9635e 2011/SRPMS/apache-conf-2.2.21-0.1.src.rpm d83c587ad4d56a31362f67334bbf9455 2011/SRPMS/apache-doc-2.2.21-0.1.src.rpm 0b4a145fd5ff8c11a53956f750cdbd42 2011/SRPMS/apache-mod_suexec-2.2.21-0.1.src.rpm Mandriva Linux 2011/X86_64: 8837c56966896e10d3403956e7cf86ac 2011/x86_64/apache-base-2.2.21-0.1-mdv2011.0.x86_64.rpm aec6da25319585e53623471734f99c57 2011/x86_64/apache-conf-2.2.21-0.1-mdv2011.0.x86_64.rpm e8600455214ad4f2303d9f36576e4952 2011/x86_64/apache-devel-2.2.21-0.1-mdv2011.0.x86_64.rpm 90694f3211fca3d436ec4130b8bb43e2 2011/x86_64/apache-doc-2.2.21-0.1-mdv2011.0.noarch.rpm fd3f6a51c8abf8b1ff8356489ba6d6e1 2011/x86_64/apache-htcacheclean-2.2.21-0.1-mdv2011.0.x86_64.rpm 796c8129bbc160455587bc54c58c2220 2011/x86_64/apache-mod_authn_dbd-2.2.21-0.1-mdv2011.0.x86_64.rpm 61add54b6e0c8306dff065a150b262e2 2011/x86_64/apache-mod_cache-2.2.21-0.1-mdv2011.0.x86_64.rpm cb98169c29008c256662f3a08141bf95 2011/x86_64/apache-mod_dav-2.2.21-0.1-mdv2011.0.x86_64.rpm 5aa03ee54a7e40d41fd746fd1a223c72 2011/x86_64/apache-mod_dbd-2.2.21-0.1-mdv2011.0.x86_64.rpm 386a956f014fe2d64dfe38fc261abd39 2011/x86_64/apache-mod_deflate-2.2.21-0.1-mdv2011.0.x86_64.rpm 5a473bc45fa59323c4d526dd4f5a30d3 2011/x86_64/apache-mod_disk_cache-2.2.21-0.1-mdv2011.0.x86_64.rpm aaa544f7a4912c161a2c73e222ae87d6 2011/x86_64/apache-mod_file_cache-2.2.21-0.1-mdv2011.0.x86_64.rpm f04054edc62a24ea9042c5b41074bd1d 2011/x86_64/apache-mod_ldap-2.2.21-0.1-mdv2011.0.x86_64.rpm 1c97f63c1169f483d086a94b97f5c421 2011/x86_64/apache-mod_mem_cache-2.2.21-0.1-mdv2011.0.x86_64.rpm ca912c34fec5cf470947a7f87e9705a4 2011/x86_64/apache-mod_proxy-2.2.21-0.1-mdv2011.0.x86_64.rpm b5ae70a8ed412e40275b4de7b639caa0 2011/x86_64/apache-mod_proxy_ajp-2.2.21-0.1-mdv2011.0.x86_64.rpm 6b11b032c13277712c336405ea23a8b0 2011/x86_64/apache-mod_proxy_scgi-2.2.21-0.1-mdv2011.0.x86_64.rpm 874a420342f1ea9278e014b79fe5a337 2011/x86_64/apache-mod_reqtimeout-2.2.21-0.1-mdv2011.0.x86_64.rpm 2757b3d7c8261563e22c41d3f94aaa29 2011/x86_64/apache-mod_ssl-2.2.21-0.1-mdv2011.0.x86_64.rpm 6edbc6963aab9beee507f9a3c8be38a2 2011/x86_64/apache-mod_suexec-2.2.21-0.1-mdv2011.0.x86_64.rpm fe6143eaa1acc0de751198ea19129279 2011/x86_64/apache-modules-2.2.21-0.1-mdv2011.0.x86_64.rpm 3e66fa1e1e2cf243c1c6472243cb86fe 2011/x86_64/apache-mod_userdir-2.2.21-0.1-mdv2011.0.x86_64.rpm 7d45bfd7d3aa87d45d2287fdd9507847 2011/x86_64/apache-mpm-event-2.2.21-0.1-mdv2011.0.x86_64.rpm bce9e2cdffe45cbc4baf72f0d0c4000e 2011/x86_64/apache-mpm-itk-2.2.21-0.1-mdv2011.0.x86_64.rpm 217bd96dfa802f7d049b6fd12600b154 2011/x86_64/apache-mpm-peruser-2.2.21-0.1-mdv2011.0.x86_64.rpm cc304b9011d16d7f3cf5c8250e4d9f18 2011/x86_64/apache-mpm-prefork-2.2.21-0.1-mdv2011.0.x86_64.rpm a8bb9b62c39f98a6df728d51a4fff39a 2011/x86_64/apache-mpm-worker-2.2.21-0.1-mdv2011.0.x86_64.rpm 7d41c857be2574ac5f3ea7090a1f3c78 2011/x86_64/apache-source-2.2.21-0.1-mdv2011.0.x86_64.rpm 4376094cd799523a1a7666f4e768707d 2011/SRPMS/apache-2.2.21-0.1.src.rpm b37e2a1dafb6883a10cefb4140e9635e 2011/SRPMS/apache-conf-2.2.21-0.1.src.rpm d83c587ad4d56a31362f67334bbf9455 2011/SRPMS/apache-doc-2.2.21-0.1.src.rpm 0b4a145fd5ff8c11a53956f750cdbd42 2011/SRPMS/apache-mod_suexec-2.2.21-0.1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Hitachi Products ByteRange Filter Denial of Service Vulnerability SECUNIA ADVISORY ID: SA46229 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46229/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46229 RELEASE DATE: 2011-10-30 DISCUSS ADVISORY: http://secunia.com/advisories/46229/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46229/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46229 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Hitachi has acknowledged a vulnerability in multiple Hitachi products, which can be exploited by malicious people to cause a DoS (Denial of Service). SOLUTION: Apply fixes (please see the vendor's advisory for details). ORIGINAL ADVISORY: Hitachi (Japanese): http://www.hitachi.co.jp/Prod/comp/soft1/security/info/./vuls/HS11-020/index.html http://www.hitachi.co.jp/Prod/comp/soft1/security/info/./vuls/HS11-021/index.html http://www.hitachi.co.jp/Prod/comp/soft1/security/info/./vuls/HS11-022/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.97

sources: NVD: CVE-2011-3192 // CERT/CC: VU#405811 // JVNDB: JVNDB-2011-002172 // VULMON: CVE-2011-3192 // PACKETSTORM: 104441 // PACKETSTORM: 104672 // PACKETSTORM: 112043 // PACKETSTORM: 104479 // PACKETSTORM: 105184 // PACKETSTORM: 106388

AFFECTED PRODUCTS

vendor:susemodel:linux enterprise software development kitscope:eqversion:10

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:10.10

Trust: 1.0

vendor:apachemodel:http serverscope:ltversion:2.0.65

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:8.04

Trust: 1.0

vendor:apachemodel:http serverscope:gteversion:2.2.0

Trust: 1.0

vendor:susemodel:linux enterprise serverscope:eqversion:11

Trust: 1.0

vendor:apachemodel:http serverscope:gteversion:2.0.35

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:11.04

Trust: 1.0

vendor:susemodel:linux enterprise software development kitscope:eqversion:11

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:10.04

Trust: 1.0

vendor:susemodel:linux enterprise serverscope:eqversion:10

Trust: 1.0

vendor:opensusemodel:opensusescope:eqversion:11.3

Trust: 1.0

vendor:opensusemodel:opensusescope:eqversion:11.4

Trust: 1.0

vendor:apachemodel:http serverscope:ltversion:2.2.20

Trust: 1.0

vendor:apache http servermodel: - scope: - version: -

Trust: 0.8

vendor:ciscomodel: - scope: - version: -

Trust: 0.8

vendor:debian gnu linuxmodel: - scope: - version: -

Trust: 0.8

vendor:mandriva s amodel: - scope: - version: -

Trust: 0.8

vendor:oraclemodel: - scope: - version: -

Trust: 0.8

vendor:apachemodel:http serverscope:eqversion:1.3 system

Trust: 0.8

vendor:apachemodel:http serverscope:eqversion:2.x system

Trust: 0.8

vendor:ibmmodel:http serverscope:eqversion:1.3

Trust: 0.8

vendor:ibmmodel:http serverscope:eqversion:2.0

Trust: 0.8

vendor:ibmmodel:http serverscope:eqversion:6.0

Trust: 0.8

vendor:ibmmodel:http serverscope:eqversion:6.1

Trust: 0.8

vendor:ibmmodel:http serverscope:eqversion:7.0

Trust: 0.8

vendor:ibmmodel:http serverscope:eqversion:8.0

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:v10.6.8

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:v10.7 and v10.7.1

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.6.8

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.7 and v10.7.1

Trust: 0.8

vendor:oraclemodel:application serverscope:eqversion:10g release 2 version 10.1.2.3

Trust: 0.8

vendor:oraclemodel:application serverscope:eqversion:10g release 3 version 10.1.3.5

Trust: 0.8

vendor:oraclemodel:fusion middlewarescope:eqversion:11g release 1 11.1.1.3

Trust: 0.8

vendor:oraclemodel:fusion middlewarescope:eqversion:11g release 1 11.1.1.4

Trust: 0.8

vendor:oraclemodel:fusion middlewarescope:eqversion:11g release 1 11.1.1.5

Trust: 0.8

vendor:oraclemodel:secure backupscope:eqversion:10.3.0.3

Trust: 0.8

vendor:oraclemodel:secure backupscope:eqversion:10.4.0.1

Trust: 0.8

vendor:oraclemodel:solarisscope:eqversion:10

Trust: 0.8

vendor:oraclemodel:solarisscope:eqversion:11 express

Trust: 0.8

vendor:oraclemodel:supply chain products suitescope:eqversion:5.5.06

Trust: 0.8

vendor:oraclemodel:supply chain products suitescope:eqversion:6.0

Trust: 0.8

vendor:oraclemodel:supply chain products suitescope:eqversion:6.1

Trust: 0.8

vendor:oraclemodel:supply chain products suitescope:eqversion:6.2

Trust: 0.8

vendor:cybertrustmodel:asianux serverscope:eqversion:3.0

Trust: 0.8

vendor:cybertrustmodel:asianux serverscope:eqversion:3.0 (x86-64)

Trust: 0.8

vendor:cybertrustmodel:asianux serverscope:eqversion:4.0

Trust: 0.8

vendor:cybertrustmodel:asianux serverscope:eqversion:4.0 (x86-64)

Trust: 0.8

vendor:hewlett packardmodel:hp secure web server for openvmsscope:lteversion:v2.2

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.23

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.31

Trust: 0.8

vendor:hewlett packardmodel:hp-ux web server suitescope:eqversion:v3.19

Trust: 0.8

vendor:ricohmodel:ridoc document routerscope:ltversion:pro v2 v.2.2.5.0

Trust: 0.8

vendor:ricohmodel:ridoc document routerscope:ltversion:v3 v.3.2.5.0

Trust: 0.8

vendor:ricohmodel:ridoc document routerscope:ltversion:v4 v.4.0.6.0

Trust: 0.8

vendor:ricohmodel:ridoc document serverscope:ltversion:ep v1 / v1 type h v.1.0.6.0

Trust: 0.8

vendor:ricohmodel:ridoc document serverscope:ltversion:ep v2 / v2 type h v.2.0.5.0

Trust: 0.8

vendor:ricohmodel:ridoc document serverscope:ltversion:v3 v.3.2.4.0

Trust: 0.8

vendor:ricohmodel:ridoc document systemscope:ltversion:image log options v1 v.1.1.5.0

Trust: 0.8

vendor:ricohmodel:ridoc io operationserverscope:ltversion:pro / device operation management utility is02.09.00

Trust: 0.8

vendor:ricohmodel:ridoc web navigatorscope:ltversion:lt v.1.0.6.0

Trust: 0.8

vendor:ricohmodel:ridoc web navigatorscope:ltversion:v3 v.3.3.8.0

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:4 (as)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:4 (es)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:4 (ws)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:5 (server)

Trust: 0.8

vendor:red hatmodel:enterprise linux desktopscope:eqversion:4.0

Trust: 0.8

vendor:red hatmodel:enterprise linux desktopscope:eqversion:5.0 (client)

Trust: 0.8

vendor:red hatmodel:enterprise linux desktopscope:eqversion:6

Trust: 0.8

vendor:red hatmodel:enterprise linux elsscope:eqversion:3

Trust: 0.8

vendor:red hatmodel:enterprise linux eusscope:eqversion:5.6.z (server)

Trust: 0.8

vendor:red hatmodel:enterprise linux hpc nodescope:eqversion:6

Trust: 0.8

vendor:red hatmodel:enterprise linux long lifescope:eqversion:(v. 5.3 server)

Trust: 0.8

vendor:red hatmodel:enterprise linux long lifescope:eqversion:(v. 5.6 server)

Trust: 0.8

vendor:red hatmodel:enterprise linux serverscope:eqversion:6

Trust: 0.8

vendor:red hatmodel:enterprise linux server eusscope:eqversion:6.0.z

Trust: 0.8

vendor:red hatmodel:enterprise linux server eusscope:eqversion:6.1.z

Trust: 0.8

vendor:red hatmodel:enterprise linux workstationscope:eqversion:6

Trust: 0.8

vendor:red hatmodel:rhel desktop workstationscope:eqversion:5 (client)

Trust: 0.8

vendor:necmodel:csviewscope:eqversion:/faq navigator

Trust: 0.8

vendor:necmodel:csviewscope:eqversion:/web questionnaire

Trust: 0.8

vendor:necmodel:pasolink nmsscope: - version: -

Trust: 0.8

vendor:necmodel:webotxscope:eqversion:enterprise edition v4.1 to v6.5

Trust: 0.8

vendor:necmodel:webotxscope:eqversion:standard edition v4.1 to v6.5

Trust: 0.8

vendor:necmodel:webotxscope:eqversion:standard-j edition v4.1 to v6.5

Trust: 0.8

vendor:necmodel:webotxscope:eqversion:web edition v4.1 to v6.5

Trust: 0.8

vendor:necmodel:webotx application serverscope:eqversion:enterprise edition v7.1 to v8.1

Trust: 0.8

vendor:necmodel:webotx application serverscope:eqversion:enterprise v8.2 to v8.4

Trust: 0.8

vendor:necmodel:webotx application serverscope:eqversion:express v8.2 to v8.4

Trust: 0.8

vendor:necmodel:webotx application serverscope:eqversion:foundation v8.2 to v8.4

Trust: 0.8

vendor:necmodel:webotx application serverscope:eqversion:standard edition v7.1 to v8.1

Trust: 0.8

vendor:necmodel:webotx application serverscope:eqversion:standard v8.2 to v8.4

Trust: 0.8

vendor:necmodel:webotx application serverscope:eqversion:standard-j edition v7.1 to v8.1

Trust: 0.8

vendor:necmodel:webotx enterprise service busscope:eqversion:v6.4 to v8.4

Trust: 0.8

vendor:necmodel:webotx portalscope:eqversion:v8.2 to v8.3

Trust: 0.8

vendor:necmodel:webotx sip application serverscope:eqversion:standard edition v7.1 to v8.1

Trust: 0.8

vendor:hitachimodel:groupmax collaborationscope:eqversion:- server

Trust: 0.8

vendor:hitachimodel:hirdb realtime monitorscope: - version: -

Trust: 0.8

vendor:hitachimodel:device managerscope:eqversion:software

Trust: 0.8

vendor:hitachimodel:global link managerscope:eqversion:software

Trust: 0.8

vendor:hitachimodel:it operations analyzerscope: - version: -

Trust: 0.8

vendor:hitachimodel:it operations directorscope: - version: -

Trust: 0.8

vendor:hitachimodel:provisioning managerscope:eqversion:software

Trust: 0.8

vendor:hitachimodel:replication managerscope:eqversion:software

Trust: 0.8

vendor:hitachimodel:tiered storage managerscope:eqversion:software

Trust: 0.8

vendor:hitachimodel:tuning managerscope:eqversion:software

Trust: 0.8

vendor:hitachimodel:web serverscope: - version: -

Trust: 0.8

vendor:hitachimodel:job management partner 1/automatic job management system 3scope:eqversion:- web operation assistant( english edition )

Trust: 0.8

vendor:hitachimodel:job management partner 1/performance management - web consolescope:eqversion:( overseas edition )

Trust: 0.8

vendor:hitachimodel:jp1/automatic job management system 2scope:eqversion:- web operation assistant

Trust: 0.8

vendor:hitachimodel:jp1/automatic job management system 3scope:eqversion:- web operation assistant

Trust: 0.8

vendor:hitachimodel:jp1/cm2/snmp system observerscope: - version: -

Trust: 0.8

vendor:hitachimodel:jp1/hicommand device managerscope: - version: -

Trust: 0.8

vendor:hitachimodel:jp1/hicommand provisioning managerscope: - version: -

Trust: 0.8

vendor:hitachimodel:jp1/hicommand replication monitorscope: - version: -

Trust: 0.8

vendor:hitachimodel:jp1/hicommand tiered storage managerscope: - version: -

Trust: 0.8

vendor:hitachimodel:jp1/hicommand tuning managerscope: - version: -

Trust: 0.8

vendor:hitachimodel:jp1/integrated managementscope:eqversion:- service support

Trust: 0.8

vendor:hitachimodel:jp1/it resource managementscope:eqversion:- manager

Trust: 0.8

vendor:hitachimodel:jp1/it service level managementscope:eqversion:- manager

Trust: 0.8

vendor:hitachimodel:jp1/performance managementscope:eqversion:- manager web option

Trust: 0.8

vendor:hitachimodel:jp1/performance managementscope:eqversion:- web console

Trust: 0.8

vendor:hitachimodel:jp1/serverconductor/control managerscope: - version: -

Trust: 0.8

vendor:hitachimodel:ucosminexus application serverscope:eqversion:enterprise

Trust: 0.8

vendor:hitachimodel:ucosminexus application serverscope:eqversion:express

Trust: 0.8

vendor:hitachimodel:ucosminexus application serverscope:eqversion:light

Trust: 0.8

vendor:hitachimodel:ucosminexus application serverscope:eqversion:smart edition

Trust: 0.8

vendor:hitachimodel:ucosminexus application serverscope:eqversion:standard

Trust: 0.8

vendor:hitachimodel:ucosminexus application serverscope:eqversion:standard-r

Trust: 0.8

vendor:hitachimodel:ucosminexus collaborationscope:eqversion:- server

Trust: 0.8

vendor:hitachimodel:ucosminexus developerscope:eqversion:01

Trust: 0.8

vendor:hitachimodel:ucosminexus developerscope:eqversion:light

Trust: 0.8

vendor:hitachimodel:ucosminexus developerscope:eqversion:professional

Trust: 0.8

vendor:hitachimodel:ucosminexus developerscope:eqversion:professional for plug-in

Trust: 0.8

vendor:hitachimodel:ucosminexus developerscope:eqversion:standard

Trust: 0.8

vendor:hitachimodel:ucosminexus navigationscope:eqversion:developer

Trust: 0.8

vendor:hitachimodel:ucosminexus navigationscope:eqversion:platform

Trust: 0.8

vendor:hitachimodel:ucosminexus navigationscope:eqversion:platform - authoring license

Trust: 0.8

vendor:hitachimodel:ucosminexus navigationscope:eqversion:platform - user license

Trust: 0.8

vendor:hitachimodel:ucosminexus primary serverscope:eqversion:base

Trust: 0.8

vendor:hitachimodel:ucosminexus servicescope:eqversion:architect

Trust: 0.8

vendor:hitachimodel:ucosminexus servicescope:eqversion:platform

Trust: 0.8

vendor:hitachimodel:ucosminexus servicescope:eqversion:platform - messaging

Trust: 0.8

vendor:hitachimodel:ucosminexus stream data platformscope:eqversion:- application framework

Trust: 0.8

vendor:hitachimodel:electronic form workflowscope:eqversion:standard set

Trust: 0.8

vendor:hitachimodel:electronic form workflowscope:eqversion:set

Trust: 0.8

vendor:hitachimodel:electronic form workflowscope:eqversion:developer client set

Trust: 0.8

vendor:hitachimodel:electronic form workflowscope:eqversion:developer set

Trust: 0.8

vendor:hitachimodel:electronic form workflowscope:eqversion:professional library set

Trust: 0.8

vendor:hitachimodel:electronic form workflowscope:eqversion:professional set

Trust: 0.8

vendor:fujitsumodel:internet navigware serverscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage application development cycle managerscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage application framework suitescope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage application serverscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage apworksscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage business application serverscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage form coordinator workflowscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage job workload serverscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage list managerscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage list worksscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage service integratorscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage studioscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage web serverscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage xml business activity recorderscope: - version: -

Trust: 0.8

vendor:fujitsumodel:systemwalker availability viewscope: - version: -

Trust: 0.8

vendor:fujitsumodel:systemwalker centric managerscope: - version: -

Trust: 0.8

vendor:fujitsumodel:systemwalker desktop inspectionscope: - version: -

Trust: 0.8

vendor:fujitsumodel:systemwalker it change managerscope: - version: -

Trust: 0.8

vendor:fujitsumodel:systemwalker it process masterscope: - version: -

Trust: 0.8

vendor:fujitsumodel:systemwalker resource coordinatorscope: - version: -

Trust: 0.8

vendor:fujitsumodel:systemwalker runbook automationscope: - version: -

Trust: 0.8

vendor:fujitsumodel:systemwalker service catalog managerscope: - version: -

Trust: 0.8

vendor:fujitsumodel:systemwalker service quality coordinatorscope: - version: -

Trust: 0.8

vendor:fujitsumodel:systemwalker software configuration managerscope: - version: -

Trust: 0.8

vendor:fujitsumodel:cloud infrastructure management softwarescope: - version: -

Trust: 0.8

sources: CERT/CC: VU#405811 // JVNDB: JVNDB-2011-002172 // NVD: CVE-2011-3192

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2011-3192
value: HIGH

Trust: 1.0

CARNEGIE MELLON: VU#405811
value: 16.01

Trust: 0.8

NVD: CVE-2011-3192
value: HIGH

Trust: 0.8

VULMON: CVE-2011-3192
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2011-3192
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

sources: CERT/CC: VU#405811 // VULMON: CVE-2011-3192 // JVNDB: JVNDB-2011-002172 // NVD: CVE-2011-3192

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.0

problemtype:CWE-399

Trust: 0.8

sources: JVNDB: JVNDB-2011-002172 // NVD: CVE-2011-3192

THREAT TYPE

remote

Trust: 0.2

sources: PACKETSTORM: 104672 // PACKETSTORM: 105184

TYPE

arbitrary, csrf

Trust: 0.1

sources: PACKETSTORM: 112043

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-002172

EXPLOIT AVAILABILITY

sources: VULMON: CVE-2011-3192

PATCH

title:Fixed in Apache httpd 2.2.20url:http://httpd.apache.org/security/vulnerabilities_22.html#2.2.20

Trust: 0.8

title:Downloading the Apache HTTP Serverurl:http://httpd.apache.org/download.cgi

Trust: 0.8

title:Range header DoS vulnerability Apache HTTPD 1.3/2.x UPDATE 2url:http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3C20110826103531.998348F82@minotaur.apache.org%3E

Trust: 0.8

title:Range header DoS vulnerability Apache HTTPD 1.3/2.xurl:http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3C20110824161640.122D387DD@minotaur.apache.org%3E

Trust: 0.8

title:Apache HTTP Server 2.2.20 Releasedurl:http://www.apache.org/dist/httpd/Announcement2.2.html

Trust: 0.8

title:HT5002url:http://support.apple.com/kb/HT5002

Trust: 0.8

title:Changes with Apache 2.2.20url:http://www.apache.org/dist/httpd/CHANGES_2.2.20

Trust: 0.8

title:cisco-sa-20110830-apacheurl:http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20110830-apache

Trust: 0.8

title:HS11-020url:http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-020/index.html

Trust: 0.8

title:HS11-021url:http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-021/index.html

Trust: 0.8

title:HS11-022url:http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-022/index.html

Trust: 0.8

title:HS11-019url:http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-019/index.html

Trust: 0.8

title:HPSBOV02822 SSRT100966url:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03517954

Trust: 0.8

title:HPSBUX02707 SSRT100626url:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03025215

Trust: 0.8

title:HPSBUX02702 SSRT100606url:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02997184

Trust: 0.8

title:7021867url:http://www-01.ibm.com/support/docview.wss?uid=swg27021867#8001

Trust: 0.8

title:4030863url:http://www-01.ibm.com/support/docview.wss?uid=swg24030863

Trust: 0.8

title:1512087url:http://www-01.ibm.com/support/docview.wss?uid=swg21512087

Trust: 0.8

title:J1008285url:http://www-01.ibm.com/support/docview.wss?uid=jpn1J1008285

Trust: 0.8

title:J1008222url:http://www-01.ibm.com/support/docview.wss?uid=jpn1J1008222

Trust: 0.8

title:2236url:https://www.miraclelinux.com/support/index.php?q=node/99&errata_id=2236

Trust: 0.8

title:NV11-005url:http://jpn.nec.com/security-info/secinfo/nv11-005.html

Trust: 0.8

title:SUSE-SU-2011:1010url:http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00011.html

Trust: 0.8

title:openSUSE-SU-2011:0993url:http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00006.html

Trust: 0.8

title:SUSE-SU-2011:1000url:http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html

Trust: 0.8

title:SUSE-SU-2011:1007url:http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00010.html

Trust: 0.8

title:Oracle Critical Patch Update Advisory - January 2012url:http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html

Trust: 0.8

title:Oracle Critical Patch Update Advisory - July 2012url:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html

Trust: 0.8

title:Text Form of Oracle Critical Patch Update - July 2012 Risk Matricesurl:http://www.oracle.com/technetwork/topics/security/cpujul2012verbose-392736.html

Trust: 0.8

title:alert-cve-2011-3192-485304url:http://www.oracle.com/technetwork/topics/security/alert-cve-2011-3192-485304.html

Trust: 0.8

title:RHSA-2011:1369url:http://rhn.redhat.com/errata/RHSA-2011-1369.html

Trust: 0.8

title:RHSA-2011:1330url:http://rhn.redhat.com/errata/RHSA-2011-1330.html

Trust: 0.8

title:RHSA-2011:1294url:https://rhn.redhat.com/errata/RHSA-2011-1294.html

Trust: 0.8

title:RHSA-2011:1329url:http://rhn.redhat.com/errata/RHSA-2011-1329.html

Trust: 0.8

title:RHSA-2011:1300url:https://rhn.redhat.com/errata/RHSA-2011-1300.html

Trust: 0.8

title:RHSA-2011:1245url:https://rhn.redhat.com/errata/RHSA-2011-1245.html

Trust: 0.8

title:Ridocソフトウェア製品での「Apache HTTPD サーバーにおけるサービス運用妨害 (DoS) の脆弱性」についてurl:http://www.ricoh.co.jp/support/news/121114.html

Trust: 0.8

title:MDVSA-2011:130url:http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2011:130

Trust: 0.8

title:January 2012 Critical Patch Update Releasedurl:http://blogs.oracle.com/security/entry/january_2012_critical_patch_update

Trust: 0.8

title:CVE-2011-3192 Denial of Service vulnerability in Apache HTTP Serverurl:https://blogs.oracle.com/sunsecurity/entry/cve_2011_3192_denial_of1

Trust: 0.8

title:July 2012 Critical Patch Update Releasedurl:http://blogs.oracle.com/security/entry/july_2012_critical_patch_update

Trust: 0.8

title:cve_2011_3192_denial_ofurl:http://blogs.oracle.com/sunsecurity/entry/cve_2011_3192_denial_of

Trust: 0.8

title:USN-1199-1url:http://www.ubuntu.com/usn/USN-1199-1/

Trust: 0.8

title:interstage_as_201102url:http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_201102.html

Trust: 0.8

title:cisco-sa-20110830-apacheurl:http://www.cisco.com/cisco/web/support/JP/110/1108/1108502_cisco-sa-20110830-apache-j.html

Trust: 0.8

title:HS11-021url:http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS11-021/index.html

Trust: 0.8

title:HS11-022url:http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS11-022/index.html

Trust: 0.8

title:HS11-019url:http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS11-019/index.html

Trust: 0.8

title:HS11-020url:http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS11-020/index.html

Trust: 0.8

title:VU#405811url:http://software.fujitsu.com/jp/security/vulnerabilities/vu405811.html

Trust: 0.8

title:Ubuntu Security Notice: apache2 vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-1199-1

Trust: 0.1

title:Cisco: Apache HTTPd Range Header Denial of Service Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20110830-apache

Trust: 0.1

title:Debian Security Advisories: DSA-2298-2 apache2 -- denial of serviceurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=7227b6751a2a5332a53278f1881d559f

Trust: 0.1

title:Amazon Linux AMI: ALAS-2011-001url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2011-001

Trust: 0.1

title:Red Hat: Moderate: httpd security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20120542 - Security Advisory

Trust: 0.1

title: - url:https://github.com/Live-Hack-CVE/CVE-2011-3192

Trust: 0.1

title:MNCanyonurl:https://github.com/MNCanyon/MNCanyon

Trust: 0.1

title:haproxy-ddosurl:https://github.com/analytically/haproxy-ddos

Trust: 0.1

title:DDoS-Scripturl:https://github.com/Encapsulate/DDoS-Script

Trust: 0.1

title:Mind_helpurl:https://github.com/MNCanyon/Mind_help

Trust: 0.1

title:DC-p0turl:https://github.com/5p1n6a11/DC-p0t

Trust: 0.1

sources: VULMON: CVE-2011-3192 // JVNDB: JVNDB-2011-002172

EXTERNAL IDS

db:CERT/CCid:VU#405811

Trust: 2.6

db:NVDid:CVE-2011-3192

Trust: 2.4

db:BIDid:49303

Trust: 1.8

db:SECUNIAid:45606

Trust: 1.8

db:SECTRACKid:1025960

Trust: 1.8

db:OSVDBid:74721

Trust: 1.8

db:SECUNIAid:46125

Trust: 1.0

db:SECUNIAid:45937

Trust: 1.0

db:SECUNIAid:46000

Trust: 1.0

db:SECUNIAid:46126

Trust: 1.0

db:EXPLOIT-DBid:17696

Trust: 1.0

db:JVNDBid:JVNDB-2011-002172

Trust: 0.8

db:SECUNIAid:46229

Trust: 0.2

db:VULMONid:CVE-2011-3192

Trust: 0.1

db:PACKETSTORMid:104441

Trust: 0.1

db:PACKETSTORMid:104672

Trust: 0.1

db:PACKETSTORMid:112043

Trust: 0.1

db:PACKETSTORMid:104479

Trust: 0.1

db:PACKETSTORMid:105184

Trust: 0.1

db:HITACHIid:HS11-020

Trust: 0.1

db:HITACHIid:HS11-022

Trust: 0.1

db:HITACHIid:HS11-021

Trust: 0.1

db:PACKETSTORMid:106388

Trust: 0.1

sources: CERT/CC: VU#405811 // VULMON: CVE-2011-3192 // JVNDB: JVNDB-2011-002172 // PACKETSTORM: 104441 // PACKETSTORM: 104672 // PACKETSTORM: 112043 // PACKETSTORM: 104479 // PACKETSTORM: 105184 // PACKETSTORM: 106388 // NVD: CVE-2011-3192

REFERENCES

url:http://www.apache.org/dist/httpd/announcement2.2.html

Trust: 1.8

url:http://osvdb.org/74721

Trust: 1.8

url:http://secunia.com/advisories/45606

Trust: 1.8

url:http://www.securityfocus.com/bid/49303

Trust: 1.8

url:http://www.kb.cert.org/vuls/id/405811

Trust: 1.8

url:https://bugzilla.redhat.com/show_bug.cgi?id=732928

Trust: 1.2

url:http://seclists.org/fulldisclosure/2011/aug/175

Trust: 1.2

url:http://archives.neohapsis.com/archives/fulldisclosure/2011-08/0285.html

Trust: 1.0

url:http://blogs.oracle.com/security/entry/security_alert_for_cve_2011

Trust: 1.0

url:http://lists.apple.com/archives/security-announce/2011//oct/msg00003.html

Trust: 1.0

url:http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00006.html

Trust: 1.0

url:http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html

Trust: 1.0

url:http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00010.html

Trust: 1.0

url:http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00011.html

Trust: 1.0

url:http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html

Trust: 1.0

url:http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html

Trust: 1.0

url:http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110824161640.122d387dd%40minotaur.apache.org%3e

Trust: 1.0

url:http://mail-archives.apache.org/mod_mbox/httpd-dev/201108.mbox/%3ccaapsnn2po-d-c4nqt_tes2rrwizr7urefhtkpwbc1b+k1dqc7g%40mail.gmail.com%3e

Trust: 1.0

url:http://marc.info/?l=bugtraq&m=131551295528105&w=2

Trust: 1.0

url:http://marc.info/?l=bugtraq&m=131731002122529&w=2

Trust: 1.0

url:http://marc.info/?l=bugtraq&m=132033751509019&w=2

Trust: 1.0

url:http://marc.info/?l=bugtraq&m=133477473521382&w=2

Trust: 1.0

url:http://marc.info/?l=bugtraq&m=133951357207000&w=2

Trust: 1.0

url:http://marc.info/?l=bugtraq&m=134987041210674&w=2

Trust: 1.0

url:http://secunia.com/advisories/45937

Trust: 1.0

url:http://secunia.com/advisories/46000

Trust: 1.0

url:http://secunia.com/advisories/46125

Trust: 1.0

url:http://secunia.com/advisories/46126

Trust: 1.0

url:http://securitytracker.com/id?1025960

Trust: 1.0

url:http://support.apple.com/kb/ht5002

Trust: 1.0

url:http://www.cisco.com/en/us/products/products_security_advisory09186a0080b90d73.shtml

Trust: 1.0

url:http://www.exploit-db.com/exploits/17696

Trust: 1.0

url:http://www.gossamer-threads.com/lists/apache/dev/401638

Trust: 1.0

url:http://www.mandriva.com/security/advisories?name=mdvsa-2011:130

Trust: 1.0

url:http://www.mandriva.com/security/advisories?name=mdvsa-2013:150

Trust: 1.0

url:http://www.oracle.com/technetwork/topics/security/alert-cve-2011-3192-485304.html

Trust: 1.0

url:http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html

Trust: 1.0

url:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html

Trust: 1.0

url:http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html

Trust: 1.0

url:http://www.redhat.com/support/errata/rhsa-2011-1245.html

Trust: 1.0

url:http://www.redhat.com/support/errata/rhsa-2011-1294.html

Trust: 1.0

url:http://www.redhat.com/support/errata/rhsa-2011-1300.html

Trust: 1.0

url:http://www.redhat.com/support/errata/rhsa-2011-1329.html

Trust: 1.0

url:http://www.redhat.com/support/errata/rhsa-2011-1330.html

Trust: 1.0

url:http://www.redhat.com/support/errata/rhsa-2011-1369.html

Trust: 1.0

url:http://www.ubuntu.com/usn/usn-1199-1

Trust: 1.0

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/69396

Trust: 1.0

url:https://help.ecostruxureit.com/display/public/uadce725/security+fixes+in+struxureware+data+center+expert+v7.6.0

Trust: 1.0

url:https://issues.apache.org/bugzilla/show_bug.cgi?id=51714

Trust: 1.0

url:https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs.httpd.apache.org%3e

Trust: 1.0

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14762

Trust: 1.0

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14824

Trust: 1.0

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a18827

Trust: 1.0

url:http://blog.spiderlabs.com/2011/08/mitigation-of-apache-range-header-dos-attack.html

Trust: 0.9

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3192

Trust: 0.9

url:http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110824161640.122d387dd@minotaur.apache.org%3e

Trust: 0.8

url:http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110826103531.998348f82@minotaur.apache.org%3e

Trust: 0.8

url:http://www.apache.org/dist/httpd/changes_2.2.20

Trust: 0.8

url:http://www.ipa.go.jp/security/ciadr/vul/20110831-apache.html

Trust: 0.8

url:https://www.jpcert.or.jp/at/2011/at110023.html

Trust: 0.8

url:http://jvn.jp/cert/jvnvu405811

Trust: 0.8

url:http://jvn.jp/tr/jvntr-2011-05

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3192

Trust: 0.8

url:http://www.securitytracker.com/id?1025960

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2011-3192

Trust: 0.5

url:http://secunia.com/

Trust: 0.3

url:http://lists.grok.org.uk/full-disclosure-charter.html

Trust: 0.3

url:http://people.apache.org/~dirkx/binaries.txt

Trust: 0.2

url:http://mail-archives.apache.org/mod_mbox/httpd-dev/201108.mbox/%3ccaapsnn2po-d-c4nqt_tes2rrwizr7urefhtkpwbc1b+k1dqc7g@mail.gmail.com%3e

Trust: 0.2

url:http://people.apache.org/~dirkx/mod_rangecnt.c

Trust: 0.2

url:http://httpd.apache.org/docs/2.2/mod/core.html#limitrequestfieldsize

Trust: 0.2

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.1

url:https://access.redhat.com/kb/docs/doc-11259

Trust: 0.1

url:https://access.redhat.com/security/team/key/#package

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-3192.html

Trust: 0.1

url:http://bugzilla.redhat.com/):

Trust: 0.1

url:https://rhn.redhat.com/errata/rhsa-2011-1245.html

Trust: 0.1

url:https://access.redhat.com/security/team/contact/

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-1623

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-4409

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1468

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1148

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-3182

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1467

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1471

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-1452

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-0734

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1470

Trust: 0.1

url:http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/

Trust: 0.1

url:http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2202

Trust: 0.1

url:http://h18000.www1.hp.com/products/servers/management/agents/index.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-4645

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0419

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1945

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-2068

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1928

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1938

Trust: 0.1

url:https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c02964430

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-3436

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2483

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0014

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1464

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1153

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0195

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2009-0037

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2192

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-2791

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-3189

Trust: 0.1

url:http://seclists.org/bugtraq/2007/jan/83

Trust: 0.1

url:http://trac.tools.ietf.org/wg/httpbis/trac/ticket/311

Trust: 0.1

url:http://svn.apache.org/viewvc?view=revision&sortby=date&revision=1161534

Trust: 0.1

url:http://www.mandriva.com/security/

Trust: 0.1

url:http://www.mandriva.com/security/advisories

Trust: 0.1

url:http://secunia.com/advisories/46229/#comments

Trust: 0.1

url:http://secunia.com/vulnerability_intelligence/

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=46229

Trust: 0.1

url:http://secunia.com/advisories/46229/

Trust: 0.1

url:http://www.hitachi.co.jp/prod/comp/soft1/security/info/./vuls/hs11-021/index.html

Trust: 0.1

url:http://www.hitachi.co.jp/prod/comp/soft1/security/info/./vuls/hs11-022/index.html

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/personal/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://www.hitachi.co.jp/prod/comp/soft1/security/info/./vuls/hs11-020/index.html

Trust: 0.1

url:http://secunia.com/products/corporate/vim/ovum_2011_request/

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

sources: CERT/CC: VU#405811 // JVNDB: JVNDB-2011-002172 // PACKETSTORM: 104441 // PACKETSTORM: 104672 // PACKETSTORM: 112043 // PACKETSTORM: 104479 // PACKETSTORM: 105184 // PACKETSTORM: 106388 // NVD: CVE-2011-3192

CREDITS

Red Hat

Trust: 0.1

sources: PACKETSTORM: 104672

SOURCES

db:CERT/CCid:VU#405811
db:VULMONid:CVE-2011-3192
db:JVNDBid:JVNDB-2011-002172
db:PACKETSTORMid:104441
db:PACKETSTORMid:104672
db:PACKETSTORMid:112043
db:PACKETSTORMid:104479
db:PACKETSTORMid:105184
db:PACKETSTORMid:106388
db:NVDid:CVE-2011-3192

LAST UPDATE DATE

2024-11-06T22:44:18.522000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#405811date:2011-09-19T00:00:00
db:VULMONid:CVE-2011-3192date:2022-09-19T00:00:00
db:JVNDBid:JVNDB-2011-002172date:2017-07-25T00:00:00
db:NVDid:CVE-2011-3192date:2023-11-07T02:08:27

SOURCES RELEASE DATE

db:CERT/CCid:VU#405811date:2011-08-26T00:00:00
db:VULMONid:CVE-2011-3192date:2011-08-29T00:00:00
db:JVNDBid:JVNDB-2011-002172date:2011-09-01T00:00:00
db:PACKETSTORMid:104441date:2011-08-25T14:27:56
db:PACKETSTORMid:104672date:2011-09-01T02:06:59
db:PACKETSTORMid:112043date:2012-04-20T20:15:33
db:PACKETSTORMid:104479date:2011-08-26T14:40:28
db:PACKETSTORMid:105184date:2011-09-17T19:02:19
db:PACKETSTORMid:106388date:2011-10-31T07:51:54
db:NVDid:CVE-2011-3192date:2011-08-29T15:55:02.017