CVE-2011-3192 — HIGH (7.8) — White Hats Nepal

Q: How severe is CVE-2011-3192?

CVE-2011-3192 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2011-3192?

Check the references section above for vendor advisories and patch information. Affected products include: Apache Http Server, Opensuse Opensuse, Suse Linux Enterprise Server, Suse Linux Enterprise Software Development Kit, Canonical Ubuntu Linux.

Vulnerability Description

The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.

CVSS Score

7.8

HIGH

AV:N/AC:L/Au:N/C:N/I:N/A:C

Confidentiality

NONE

Integrity

NONE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Apache	Http Server	>= 2.0.35, < 2.0.65
Opensuse	Opensuse	11.3
Suse	Linux Enterprise Server	10
Suse	Linux Enterprise Software Development Kit	10
Canonical	Ubuntu Linux	8.04

Related Weaknesses (CWE)

CWE-400

References

http://archives.neohapsis.com/archives/fulldisclosure/2011-08/0285.htmlBroken Link
http://blogs.oracle.com/security/entry/security_alert_for_cve_2011Broken Link
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.htmlBroken Link
http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00006.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00010.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00011.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.htmlMailing ListThird Party Advisory
http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c201108241
http://mail-archives.apache.org/mod_mbox/httpd-dev/201108.mbox/%3cCAAPSnn2PO-d-C
http://marc.info/?l=bugtraq&m=131551295528105&w=2Issue TrackingMailing ListThird Party Advisory
http://marc.info/?l=bugtraq&m=131731002122529&w=2Issue TrackingMailing ListThird Party Advisory
http://marc.info/?l=bugtraq&m=132033751509019&w=2Issue TrackingMailing ListThird Party Advisory
http://marc.info/?l=bugtraq&m=133477473521382&w=2Issue TrackingMailing ListThird Party Advisory

FAQ

What is CVE-2011-3192?

CVE-2011-3192 is a vulnerability with a CVSS score of 7.8 (HIGH). The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range heade...

How severe is CVE-2011-3192?

CVE-2011-3192 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2011-3192?

Check the references section above for vendor advisories and patch information. Affected products include: Apache Http Server, Opensuse Opensuse, Suse Linux Enterprise Server, Suse Linux Enterprise Software Development Kit, Canonical Ubuntu Linux.