Lucene search
SuseSUSE-SU-2011:1000-1HistorySep 06, 2011 - 7:08 a.m.
Security update for Apache (important)
2011-09-0607:08:21
lists.opensuse.org
27
0.966 High
EPSS
Percentile
99.5%
This update fixes a remote denial of service bug (memory
exhaustion) in the Apache 2 HTTP server, that could be
triggered by remote attackers using multiple overlapping
Request Ranges. (CVE-2011-3192)
It also fixes a issue in mod_dav, where the (1) mod_cache
and (2) mod_dav modules in the Apache HTTP Server 2.2.x
allowed remote attackers to cause a denial of service
(process crash) via a request that lacks a path.
(CVE-2010-1452)
Also following bugs were fixed:
- recommend the default MPM (prefork) via Recommends:
in .spec - apache not sending error 304 if mod_deflate is
enabled. - take LimitRequestFieldsize config option into account
when parsing headers from backend.
Related
nessus
nessus
Debian DSA-2298-2 : apache2 - denial of service
2011-08-30 00:00:00
SuSE 11.1 Security Update : Apache (SAT Patch Number 5090)
2011-12-13 00:00:00
debian
debian
[SECURITY] [DSA 2298-2] apache2 regression fix
2011-09-05 19:20:44
[SECURITY] [DSA 2298-1] apache2 security update
2011-08-29 21:16:25
[SECURITY] [DSA 2298-1] apache2 security update
2011-08-29 21:16:25
suse
suse
Security update for Apache 2 (important)
2011-11-04 09:08:32
Security update for Apache (important)
2011-09-06 18:08:19
apache2: Fixed a remote denial of service via byte-ranges (important)
2011-09-02 18:08:23
openvas
openvas
Debian Security Advisory DSA 2298-1 (apache2)
2011-09-21 00:00:00
Debian Security Advisory DSA 2298-2 (apache2)
2011-09-21 00:00:00
Debian Security Advisory DSA 2298-2 (apache2)
2011-09-21 00:00:00
osv
osv
apache2 - denial of service
2011-09-05 00:00:00
slackware
slackware
[slackware-security] httpd
2010-08-28 16:52:27
[slackware-security] httpd
2011-09-09 14:05:46
[slackware-security] httpd
2011-10-14 23:59:50
httpd
httpd
Apache Httpd < 2.2.16 : mod_cache and mod_dav DoS
2010-05-04 00:00:00
Apache Httpd < 2.0.64 : mod_cache and mod_dav DoS
2010-05-04 00:00:00
Apache Httpd < 2.2.20 : Range header remote DoS
2011-08-20 00:00:00
ubuntucve
ubuntucve
CVE-2010-1452
2010-07-28 00:00:00
CVE-2011-3192
2011-08-29 00:00:00
debiancve
debiancve
CVE-2010-1452
2010-07-28 20:00:00
CVE-2011-3192
2011-08-29 15:55:00
prion
prion
freebsd
freebsd
apache -- Remote DoS bug in mod_cache and mod_dav
2010-07-21 00:00:00
apache -- Range header DoS vulnerability
2011-08-24 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: httpd-2.2.16-1.fc13
2010-08-13 21:20:54
[SECURITY] Fedora 16 Update: httpd-2.2.21-1.fc16
2011-09-30 19:07:35
[SECURITY] Fedora 15 Update: httpd-2.2.21-1.fc15
2011-09-16 01:58:28
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:47:09
Denial Of Service (DoS)
2020-04-10 01:02:22
cve
cve
f5
f5
K13114 : Apache Range header vulnerability - CVE-2011-3192
2013-09-12 00:00:00
SOL13114 - Apache Range header vulnerability - CVE-2011-3192
2011-10-06 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package apache2 version 2.2.20-alt1
2011-08-31 00:00:00
Security fix for the ALT Linux 10 package apache2 version 2.2.20-alt1
2011-08-31 00:00:00
Security fix for the ALT Linux 9 package apache2 version 2.2.20-alt1
2011-08-31 00:00:00
threatpost
threatpost
Apache Fixes Range Header DoS Flaw
2011-08-31 10:30:00
Apache Releases Version 2.2.21 With New Fix For Range Header Flaw
2011-09-14 15:29:14
amazon
amazon
Medium: httpd
2011-09-27 22:46:00
hackerone
hackerone
Gratipay: grtp.co is vulnerable to http-vuln-cve2011-3192
2016-01-25 13:01:41
ownCloud: Apache Range Header Denial of Service Attack (Confirmed PoC)
2015-09-14 22:55:12
redhat
redhat
(RHSA-2011:1369) Important: httpd security update
2011-10-13 00:00:00
(RHSA-2011:1245) Important: httpd security update
2011-08-31 00:00:00
ibm
ibm
cert
cert
Apache HTTPD 1.3/2.x Range header DoS vulnerability
2011-08-26 00:00:00
packetstorm
packetstorm
Obehotel CMS Denial Of Service / SQL Injection
2013-08-26 00:00:00
Opolis.eu Secure Mail Blind SQL Injection / XSS / CSRF / DoS
2013-10-07 00:00:00
ProtonMail.ch Header Injection / CSRF
2014-05-30 00:00:00
exploitpack
exploitpack
Apache - Denial of Service
2011-12-09 00:00:00
cisa
cisa
Oracle Releases Security Alert for Oracle HTTP Server Products
2011-09-19 00:00:00
checkpoint_advisories
checkpoint_advisories
Apache HTTPD Ranges Header Field Denial of Service (CVE-2011-3192)
2011-09-14 00:00:00
Apache HTTPD Ranges Header Field Denial of Service - ver 2 (CVE-2011-3192)
2010-02-25 00:00:00
zdt
zdt
Obehotel CMS SQL Injection Vulnerability
2013-08-27 00:00:00
checkpoint_security
checkpoint_security
centos
centos
httpd, mod_ssl security update
2011-09-01 11:41:08
httpd, mod_ssl security update
2010-08-31 21:00:21
httpd, mod_ssl security update
2011-10-20 21:19:56
seebug
seebug
Apache Range Header Denial Of Service
2011-12-09 00:00:00
Apache HTTP Server Denial of Service
2014-07-01 00:00:00
Apache HTTP Server畸形Range选项处理远程拒绝服务漏洞
2011-08-26 00:00:00
oraclelinux
oraclelinux
httpd security update
2011-08-31 00:00:00
httpd security and bug fix update
2010-08-30 00:00:00
httpd security and bug fix update
2011-10-20 00:00:00
securityvulns
securityvulns
Cisco Security Advisory: Apache HTTPd Range Header Denial of Service Vulnerability
2011-08-30 00:00:00
Advisory: Range header DoS vulnerability Apache HTTPD 1.3/2.x (CVE-2011-3192)
2011-08-27 00:00:00
Multiple HTTP servers DoS
2011-10-20 00:00:00
ubuntu
ubuntu
Apache vulnerability
2011-09-01 00:00:00
Apache vulnerabilities
2010-11-25 00:00:00
jvn
jvn
JVN#23809730: GIGAPOD vulnerable to denial-of-service (DoS)
2014-10-16 00:00:00
exploitdb
exploitdb
Apache - Denial of Service
2011-12-09 00:00:00
nmap
nmap
http-vuln-cve2011-3192 NSE Script
2011-08-29 21:42:57
attackerkb
attackerkb
CVE-2011-3192
2011-08-29 00:00:00
gentoo
gentoo
Apache HTTP Server: Multiple vulnerabilities
2012-06-24 00:00:00