87 matches found
MiracleLinux 4 : httpd-2.2.15-9.2.0.1.AXS4 (AXSA:2011-459:01)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-459:01 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Security issues fixed with this release: CVE-2011-3192 The byterange filter in the...
Race condition
GIGAPOD file servers Appliance model and Software model provide two web interfaces, 80/tcp and 443/tcp for user operation, and 8001/tcp for administrative operation. 8001/tcp is served by a version of Apache HTTP server containing a flaw in handling HTTP requests CVE-2011-3192, which may lead to ...
Security Bulletin: Potential security exposure with IBM HTTP Server 8.0 and earlier (PM46234) (CVE-2011-3192)
Summary Crafted range requests can result in potential denial of service with IBM HTTP Server IHS. Vulnerability Details Potential denial of service from attack using crafted range requests CVE Reference: CVE-2011-3192. Affected Products and Versions Affected: IBM HTTP Server IHS Versions 2.0...
olderpeoplewales.com Cross Site Scripting vulnerability
Security Researcher metamorfosec, a holder of 9 badges for responsible and coordinated disclosure, found a security vulnerability affecting olderpeoplewales.com website and its users. Following...
Security Bulletin: API Connect is affected by an Apache HTTP Server vulnerability (CVE-2011-3192)
Summary API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2011-3192 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of service, caused by an error in the ByteRange filter when processing malicious requests. By sending a specially-crafted HTTP reques...
CVE-2011-3192
creationtimestamp | type | source
---|---|---
2018-05-29 15:50:33+00:00 | seen | https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/http/apacherangedos.rb
2022-08-29 23:38:33+00:00 | seen | Telegram/2JMSuqGJ52RBHUc0bduQrTriHShMBiAX8WEg7IoEnglCa28
2022-10-27 07:57:35+00:00 | ...
U.S. Dept Of Defense: Out-of-date Version (Apache)
URL https://████████/ Identified Version 2.2.15 contains 4 important and 10 other vulnerabilities Latest Version 2.2.31 Vulnerability Database Result is based on 27.10.2016 vulnerability database content. Vulnerability Details Link identified you are using an out-of-date version of Apache. Impact...
Gratipay: grtp.co is vulnerable to http-vuln-cve2011-3192
vulnerability i have found! | http-vuln-cve2011-3192: | VULNERABLE: | Apache byterange filter DoS | State: VULNERABLE | IDs: CVE:CVE-2011-3192 OSVDB:74721 | The Apache web server is vulnerable to a denial of service attack when numerous | overlapping byte ranges are requested. | Disclosure date:...
ownCloud: Apache Range Header Denial of Service Attack (Confirmed PoC)
owncloud.com is vulnerable to Apache range header denial of service. This was confirmed by injecting Range: header payloads and analyzing the request vs. response times to an arbitrary page. The results confirm that processing times took up to 50,000 milliseconds per request when the range header...
Amazon Linux: Security Advisory (ALAS-2011-1)
The remote host is missing an update for the...
Amazon Linux AMI : httpd (ALAS-2011-1)
The Apache HTTP Server is a popular web server. A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially crafted Range header...
Apache HTTP Server Denial of Service
No description provided by source. / This is a reverse engineered version of the exploit for CVE-2011-3192 made by ev1lut10n http://jayakonstruksi.com/backupintsec/rapache.tgz. Copyright 2011 Ramon de C Valle [email protected] Compile with the following command: gcc -Wall -pthread -o...
openSUSE Security Update : apache2 (openSUSE-SU-2011:1217-1)
This update fixes several security issues in the Apache webserver. The patch for the ByteRange remote denial of service attack CVE-2011-3192 was refined and the configuration options used by upstream were added. Introduce new config option: Allow MaxRanges Number of ranges requested, if exceeded,...
openSUSE Security Update : apache2 (openSUSE-SU-2011:0993-1)
This update fixes a remote denial of service bug (memory exhaustion) in the Apache 2 HTTP server that could be triggered by remote attackers using multiple overlapping Request Ranges (CVE-2011-3192).
Oracle Linux 5 / 6 : httpd (ELSA-2011-1245)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2011-1245 advisory. - updated patch for CVE-2011-3192 from upstream 733062 Tenable has extracted the preceding description block directly from the Oracle Linux security advisor...
RHEL 5 : httpd (RHSA-2011:1294)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2011:1294 advisory. - httpd: multiple ranges DoS CVE-2011-3192 Note that Nessus has not tested for this issue but has instead relied only on the application's...
Slackware: Security Advisory (SSA:2011-252-01)
The remote host is missing an update for the...
Slackware Advisory SSA:2011-252-01 httpd
The remote host is missing an update as announced via advisory SSA:2011-252-01. OpenVAS Vulnerability Test $Id: esoftslkssa201125201.nasl 6581 2017-07-06 13:58:51Z cfischer $ Description: Auto-generated from advisory SSA:2011-252-01 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...
Slackware Advisory SSA:2011-284-01 httpd
The remote host is missing an update as announced via advisory SSA:2011-284-01. OpenVAS Vulnerability Test $Id: esoftslkssa201128401.nasl 6581 2017-07-06 13:58:51Z cfischer $ Description: Auto-generated from advisory SSA:2011-284-01 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...