CVE-2011-3192

🗓️ 29 Aug 2011 15:00:00Reported by redhatType

cve

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 4447 Views🌐 WEB

Apache HTTP Server denial of service vulnerabilit

Reporter	Title	Published	Views	Family All 206
0day.today	Apache HTTP Server Denial of Service	9 Dec 201100:00	–	zdt
0day.today	Obehotel CMS SQL Injection Vulnerability	27 Aug 201300:00	–	zdt
0day.today	Opolis.eu Secure Mail Blind SQL Injection / XSS / CSRF / DoS	8 Oct 201300:00	–	zdt
IBM Security Bulletins	Security Bulletin: Potential security exposure with IBM HTTP Server 8.0 and earlier (PM46234) (CVE-2011-3192)	8 Sep 202200:26	–	ibm
IBM Security Bulletins	Security Bulletin: API Connect is affected by an Apache HTTP Server vulnerability (CVE-2011-3192)	15 Jun 201807:07	–	ibm
Gitee	Exploit for CVE-2007-6750	27 Jul 202503:38	–	gitee
GithubExploit	Exploit for Improper Certificate Validation in Apache Http_Server	29 Dec 202510:08	–	githubexploit
GithubExploit	Exploit for Uncontrolled Resource Consumption in Apache Http_Server	26 Oct 201121:07	–	githubexploit
ALT Linux	Security fix for the ALT Linux 8 package apache2 version 2.2.20-alt1	31 Aug 201100:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 9 package apache2 version 2.2.20-alt1	31 Aug 201100:00	–	altlinux

NVD

Node

apache http_serverRange2.0.35–2.0.65

OR

apache http_serverRange2.2.0–2.2.20

Node

opensuse opensuseMatch11.3

OR

opensuse opensuseMatch11.4

OR

suse linux_enterprise_serverMatch10sp2-

OR

suse linux_enterprise_serverMatch10sp3-

OR

suse linux_enterprise_serverMatch10sp4-

OR

suse linux_enterprise_serverMatch11sp1-

OR

suse linux_enterprise_serverMatch11sp1vmware

OR

suse linux_enterprise_software_development_kitMatch10sp3

OR

suse linux_enterprise_software_development_kitMatch10sp4

OR

suse linux_enterprise_software_development_kitMatch11sp1

Node

canonical ubuntu_linuxMatch8.04-

OR

canonical ubuntu_linuxMatch10.04-

OR

canonical ubuntu_linuxMatch10.10

OR

canonical ubuntu_linuxMatch11.04

Source	Link
lists	www.lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E
marc	www.marc.info/
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
oracle	www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
redhat	www.redhat.com/support/errata/RHSA-2011-1245.html
lists	www.lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html
lists	www.lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E
marc	www.marc.info/
mail-archives	www.mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110824161640.122D387DD%40minotaur.apache.org%3e
marc	www.marc.info/

Parameter	Position	Path	Description	CWE
Range	header	/	Denial of Service via crafted Range header with multiple overlapping ranges in Apache HTTP Server (CVE-2011-3192).	CWE-400

29 Apr 2026 01:13Current

6.3Medium risk

Vulners AI Score6.3

CVSS 27.8

EPSS0.90865

CWE-400 In Wild

apache http server denial of service vulnerability remote attack cve-2011-3192