Lucene search
SuseSUSE-SU-2011:1010-1HistorySep 06, 2011 - 6:08 p.m.
Security update for Apache (important)
2011-09-0618:08:19
lists.opensuse.org
22
0.966 High
EPSS
Percentile
99.5%
This update fixes a remote denial of service bug (memory
exhaustion) in the Apache 2 HTTP server, that could be
triggered by remote attackers using multiple overlapping
Request Ranges. (CVE-2011-3192)
It also fixes some non-security bugs:
- take LimitRequestFieldsize config option into account
when parsing headers from backend. Thereby avoid that the
receiving buffers are too small. bnc#690734. - add / when on a directory to feed correctly linked
listings. bnc#661597 - a2enmod shalt not disable a module in query mode.
bnc#663359 - New option SSLRenegBufferSize fixes "413 Request
Entity Too Large occur" problem. - fixes graceful restart hangs, bnc#555098.
Related
threatpost
threatpost
Apache Fixes Range Header DoS Flaw
2011-08-31 10:30:00
Apache Releases Version 2.2.21 With New Fix For Range Header Flaw
2011-09-14 15:29:14
f5
f5
K13114 : Apache Range header vulnerability - CVE-2011-3192
2013-09-12 00:00:00
SOL13114 - Apache Range header vulnerability - CVE-2011-3192
2011-10-06 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package apache2 version 2.2.20-alt1
2011-08-31 00:00:00
Security fix for the ALT Linux 10 package apache2 version 2.2.20-alt1
2011-08-31 00:00:00
Security fix for the ALT Linux 9 package apache2 version 2.2.20-alt1
2011-08-31 00:00:00
nessus
nessus
RHEL 5 : httpd (RHSA-2011:1294)
2013-01-24 00:00:00
openSUSE Security Update : apache2 (openSUSE-SU-2011:0993-1)
2014-06-13 00:00:00
F5 Networks BIG-IP : Apache Range header vulnerability (K13114)
2014-10-10 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:02:22
openvas
openvas
CentOS Update for httpd CESA-2011:1245 centos4 i386
2011-09-07 00:00:00
Slackware: Security Advisory (SSA:2011-252-01)
2012-09-10 00:00:00
RedHat Update for httpd RHSA-2011:1294-01
2011-09-16 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: httpd-2.2.21-1.fc16
2011-09-30 19:07:35
[SECURITY] Fedora 15 Update: httpd-2.2.21-1.fc15
2011-09-16 01:58:28
amazon
amazon
Medium: httpd
2011-09-27 22:46:00
redhat
redhat
(RHSA-2011:1369) Important: httpd security update
2011-10-13 00:00:00
(RHSA-2011:1329) Important: httpd and httpd22 security update
2011-09-21 00:00:00
suse
suse
apache2: Fixed a remote denial of service via byte-ranges (important)
2011-09-02 18:08:23
Security update for Apache (important)
2011-09-06 10:08:12
Security update for Apache (important)
2011-09-06 07:08:21
debian
debian
[BSA-049] Security Update for apache2
2011-09-06 02:06:51
[SECURITY] [DSA 2298-2] apache2 regression fix
2011-09-05 19:20:44
[SECURITY] [DSA 2298-2] apache2 regression fix
2011-09-05 19:20:44
hackerone
hackerone
Gratipay: grtp.co is vulnerable to http-vuln-cve2011-3192
2016-01-25 13:01:41
ownCloud: Apache Range Header Denial of Service Attack (Confirmed PoC)
2015-09-14 22:55:12
U.S. Dept Of Defense: Out-of-date Version (Apache)
2016-11-24 15:09:27
ibm
ibm
exploitpack
exploitpack
Apache - Denial of Service
2011-12-09 00:00:00
cert
cert
Apache HTTPD 1.3/2.x Range header DoS vulnerability
2011-08-26 00:00:00
httpd
httpd
Apache Httpd < 2.2.20 : Range header remote DoS
2011-08-20 00:00:00
Apache Httpd < 2.0.65 : Range header remote DoS
2011-08-20 00:00:00
freebsd
freebsd
apache -- Range header DoS vulnerability
2011-08-24 00:00:00
packetstorm
packetstorm
Obehotel CMS Denial Of Service / SQL Injection
2013-08-26 00:00:00
Opolis.eu Secure Mail Blind SQL Injection / XSS / CSRF / DoS
2013-10-07 00:00:00
ProtonMail.ch Header Injection / CSRF
2014-05-30 00:00:00
oraclelinux
oraclelinux
httpd security update
2011-08-31 00:00:00
httpd security and bug fix update
2011-10-20 00:00:00
securityvulns
securityvulns
Cisco Security Advisory: Apache HTTPd Range Header Denial of Service Vulnerability
2011-08-30 00:00:00
Advisory: Range header DoS vulnerability Apache HTTPD 1.3/2.x (CVE-2011-3192)
2011-08-27 00:00:00
Multiple HTTP servers DoS
2011-10-20 00:00:00
ubuntu
ubuntu
Apache vulnerability
2011-09-01 00:00:00
seebug
seebug
Apache HTTP Server Denial of Service
2014-07-01 00:00:00
Apache Range Header Denial Of Service
2011-12-09 00:00:00
Apache HTTP Server畸形Range选项处理远程拒绝服务漏洞
2011-08-26 00:00:00
checkpoint_advisories
checkpoint_advisories
Apache HTTPD Ranges Header Field Denial of Service (CVE-2011-3192)
2011-09-14 00:00:00
Apache HTTPD Ranges Header Field Denial of Service - ver 2 (CVE-2011-3192)
2010-02-25 00:00:00
checkpoint_security
checkpoint_security
zdt
zdt
Obehotel CMS SQL Injection Vulnerability
2013-08-27 00:00:00
cisa
cisa
Oracle Releases Security Alert for Oracle HTTP Server Products
2011-09-19 00:00:00
centos
centos
httpd, mod_ssl security update
2011-09-01 11:41:08
httpd, mod_ssl security update
2011-10-20 21:19:56
slackware
slackware
[slackware-security] httpd
2011-09-09 14:05:46
[slackware-security] httpd
2011-10-14 23:59:50
debiancve
debiancve
CVE-2011-3192
2011-08-29 15:55:00
cve
cve
CVE-2011-3192
2011-08-29 15:55:00
CVE-2014-5329
2023-09-08 03:15:00
prion
prion
Race condition
2023-09-08 03:15:00
Code injection
2011-08-29 15:55:00
ubuntucve
ubuntucve
CVE-2011-3192
2011-08-29 00:00:00
osv
osv
apache2 - denial of service
2011-09-05 00:00:00
jvn
jvn
JVN#23809730: GIGAPOD vulnerable to denial-of-service (DoS)
2014-10-16 00:00:00
exploitdb
exploitdb
Apache - Denial of Service
2011-12-09 00:00:00
nmap
nmap
http-vuln-cve2011-3192 NSE Script
2011-08-29 21:42:57
attackerkb
attackerkb
CVE-2011-3192
2011-08-29 00:00:00
kaspersky
kaspersky
KLA10065 Multiple vulnerabilities in Apache httpd
2013-07-22 00:00:00
gentoo
gentoo
Apache HTTP Server: Multiple vulnerabilities
2012-06-24 00:00:00
oracle
oracle
Oracle Critical Patch Update - October 2011
2011-10-18 00:00:00
Oracle Critical Patch Update - January 2012
2012-01-17 00:00:00
Oracle Critical Patch Update - July 2012
2012-07-17 00:00:00