CVE-2011-3192

Current Description

The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
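The description names the trigger (a Range header expressing many overlapping ranges) but not what a proxy, WAF or load balancer in front of an unpatched host can actually check. The following Python is an added example, not code from this page, from NVD or from the Apache project: it parses a Range header value into byte-range specs, resolves them against a body size, counts ranges and overlaps, estimates how much larger the multipart reply would be than the body itself, and returns a front-end policy decision. The MAX_RANGES threshold, the allow/strip/reject policy and the sample headers are this example's assumptions; the sample headers are constructed, not captured traffic.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Policy knob. An assumption of this example, not an httpd default: legitimate
# clients (browsers, download managers, PDF viewers) ask for a handful of ranges
# at most, and never for ranges that overlap one another.
MAX_RANGES = 5


@dataclass(frozen=True)
class ByteRangeSpec:
    start: Optional[int]  # None for a suffix spec such as "-500" (last 500 bytes)
    end: Optional[int]    # None for an open spec such as "9500-" (to end of body)


def parse_range_header(value: str) -> list[ByteRangeSpec]:
    """Parse a Range header value like "bytes=0-499,500-999" (RFC 2616 14.35).

    Raises ValueError on syntax a compliant server must ignore outright.
    """
    unit, sep, specs = value.partition("=")
    if sep != "=" or unit.strip().lower() != "bytes":
        raise ValueError("only the bytes range unit is supported")
    out: list[ByteRangeSpec] = []
    for spec in specs.split(","):
        spec = spec.strip()
        if not spec:  # HTTP list syntax tolerates empty elements
            continue
        m = re.fullmatch(r"(\d*)-(\d*)", spec)
        if not m or (m.group(1) == "" and m.group(2) == ""):
            raise ValueError(f"malformed byte-range-spec: {spec!r}")
        start = int(m.group(1)) if m.group(1) else None
        end = int(m.group(2)) if m.group(2) else None
        if start is not None and end is not None and end < start:
            # last-byte-pos < first-byte-pos invalidates the whole header
            raise ValueError(f"invalid byte-range-spec: {spec!r}")
        out.append(ByteRangeSpec(start, end))
    return out


def resolve(spec: ByteRangeSpec, size: int) -> Optional[tuple[int, int]]:
    """Map a spec onto a body of `size` bytes as an inclusive (first, last)
    pair, or None if the spec is unsatisfiable for that body."""
    if spec.start is None:  # suffix: the last N bytes
        n = min(spec.end, size)
        return (size - n, size - 1) if n > 0 else None
    if spec.start >= size:
        return None
    last = size - 1 if spec.end is None else min(spec.end, size - 1)
    return (spec.start, last)


def analyse_range(value: str, size: int) -> dict:
    """Range count, number of ranges overlapping an earlier one, and the
    body bytes a multipart/byteranges reply would carry relative to `size`."""
    specs = parse_range_header(value)
    concrete = [c for c in (resolve(s, size) for s in specs) if c is not None]
    overlapping = 0
    covered_to = -1
    for first, last in sorted(concrete):
        if first <= covered_to:
            overlapping += 1
        covered_to = max(covered_to, last)
    requested = sum(last - first + 1 for first, last in concrete)
    return {
        "ranges": len(specs),
        "overlapping": overlapping,
        "amplification": requested / size if size else 0.0,
    }


def decide(value: str, size: int) -> str:
    """Front-end policy: 'allow' the header through, 'strip' it so the origin
    answers with a plain 200 and the whole body, or 'reject' malformed syntax."""
    try:
        stats = analyse_range(value, size)
    except ValueError:
        return "reject"
    if (stats["ranges"] > MAX_RANGES or stats["overlapping"] > 0
            or stats["amplification"] > 1.0):
        return "strip"
    return "allow"


# Constructed sample headers (not captured traffic). The third has the shape
# described above: one open-ended range followed by ~1300 overlapping ranges.
BODY_SIZE = 1_000_000
SAMPLES = {
    "browser_video_seek": "bytes=524288-",
    "pdf_viewer_chunks": "bytes=0-1023,1024-65535,900000-999999",
    "overlapping_flood": "bytes=0-," + ",".join(f"5-{i}" for i in range(5, 1300)),
}

if __name__ == "__main__":
    for name, header in SAMPLES.items():
        print(f"{name:20s} -> {decide(header, BODY_SIZE):6s} {analyse_range(header, BODY_SIZE)}")
```

Stripping the header costs a legitimate client at most a restarted download, because the origin then serves the whole object with a 200; rejecting with a 4xx is the alternative where partial content is never needed. Either policy belongs in front of 1.3.x, 2.0.x and 2.2.x hosts only as an interim measure until they run a release outside the affected ranges listed on this page.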

Basic Data

Published: August 29, 2011
Last Modified: November 30, 2018
Assigner: cve@mitre.org
Data Type: CVE
Data Format: MITRE
Data Version: 4.0
Problem Type: CWE-399
CVE Data Version: 4.0

Base Metric V2

CVSS 2 - Version: 2.0
CVSS 2 - Vector String: AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS 2 - Access Vector: NETWORK
CVSS 2 - Access Complexity: LOW
CVSS 2 - Authentication: NONE
CVSS 2 - Confidentiality Impact: NONE
CVSS 2 - Integrity Impact: NONE (I:N in the vector string)
CVSS 2 - Availability Impact: COMPLETE
CVSS 2 - Base Score: 7.8
Severity: HIGH
Exploitability Score: 10.0
Impact Score: 6.9
Obtain All Privilege: false
Obtain User Privilege: false
Obtain Other Privilege: false

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    CPE version: 2.3; Part: Application; Vendor: Apache; Product: Http Server
    For every entry, Update, Edition, Language, SW Edition, Target SW, Target HW and Other are * (any), and Version Start Including / Version End Including / Version Start Excluding / Version End Excluding are empty: each entry matches one exact version, not a range.
    Version: 1.3, 1.3.0, 1.3.1, 1.3.1.1, 1.3.2, 1.3.3, 1.3.4, 1.3.5, 1.3.6, 1.3.7, 1.3.8, 1.3.9, 1.3.10, 1.3.11, 1.3.12, 1.3.13, 1.3.14, 1.3.15, 1.3.16, 1.3.17, 1.3.18, 1.3.19, 1.3.20, 1.3.22, 1.3.23, 1.3.24, 1.3.25, 1.3.26, 1.3.27, 1.3.28, 1.3.29, 1.3.30, 1.3.31, 1.3.32, 1.3.33, 1.3.34, 1.3.35, 1.3.36, 1.3.37, 1.3.38, 1.3.39, 1.3.41, 1.3.42, 1.3.65, 1.3.68
  • OR - Configuration 2
    CPE version: 2.3; Part: Application; Vendor: Apache; Product: Http Server
    Same wildcard and empty-range fields as Configuration 1, except that three entries carry Update: beta (marked below).
    Version: 2.0, 2.0.9, 2.0.28, 2.0.28 (Update: beta), 2.0.32, 2.0.32 (Update: beta), 2.0.34 (Update: beta), 2.0.35, 2.0.36, 2.0.37, 2.0.38, 2.0.39, 2.0.40, 2.0.41, 2.0.42, 2.0.43, 2.0.44, 2.0.45, 2.0.46, 2.0.47, 2.0.48, 2.0.49, 2.0.50, 2.0.51, 2.0.52, 2.0.53, 2.0.54, 2.0.55, 2.0.56, 2.0.57, 2.0.58, 2.0.59, 2.0.60, 2.0.61, 2.0.63, 2.0.64
  • OR - Configuration 3
    CPE version: 2.3; Part: Application; Vendor: Apache; Product: Http Server
    Same wildcard and empty-range fields as Configuration 1.
    Version: 2.2.0, 2.2.1, 2.2.2, 2.2.3, 2.2.4, 2.2.6, 2.2.8, 2.2.9, 2.2.10, 2.2.11, 2.2.12, 2.2.13, 2.2.14, 2.2.15, 2.2.16, 2.2.18, 2.2.19

Vulnerable Software List

Vendor | Product | Versions
Apache | Http Server | 1.3, 1.3.0, 1.3.1, 1.3.1.1, 1.3.2, 1.3.3, 1.3.4, 1.3.5, 1.3.6, 1.3.7, 1.3.8, 1.3.9, 1.3.10, 1.3.11, 1.3.12, 1.3.13, 1.3.14, 1.3.15, 1.3.16, 1.3.17, 1.3.18, 1.3.19, 1.3.20, 1.3.22, 1.3.23, 1.3.24, 1.3.25, 1.3.26, 1.3.27, 1.3.28, 1.3.29, 1.3.30, 1.3.31, 1.3.32, 1.3.33, 1.3.34, 1.3.35, 1.3.36, 1.3.37, 1.3.38, 1.3.39, 1.3.41, 1.3.42, 1.3.65, 1.3.68, 2.0, 2.0.9, 2.0.28, 2.0.32, 2.0.34, 2.0.35, 2.0.36, 2.0.37, 2.0.38, 2.0.39, 2.0.40, 2.0.41, 2.0.42, 2.0.43, 2.0.44, 2.0.45, 2.0.46, 2.0.47, 2.0.48, 2.0.49, 2.0.50, 2.0.51, 2.0.52, 2.0.53, 2.0.54, 2.0.55, 2.0.56, 2.0.57, 2.0.58, 2.0.59, 2.0.60, 2.0.61, 2.0.63, 2.0.64, 2.2.0, 2.2.1, 2.2.2, 2.2.3, 2.2.4, 2.2.6, 2.2.8, 2.2.9, 2.2.10, 2.2.11, 2.2.12, 2.2.13, 2.2.14, 2.2.15, 2.2.16, 2.2.18, 2.2.19
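The configuration and vulnerable-software data above amount to three version ranges: every 1.3.x, 2.0.x up to and including 2.0.64, and 2.2.x up to and including 2.2.19. This added Python example, not code from this page or from NVD, turns those ranges into a triage check over Server header banners or httpd -v output. The banners are constructed samples. Its verdict for an in-range version is deliberately only "possibly affected": the RHSA, USN, SUSE and Mandriva references on this page are distribution updates that backport the fix while keeping the upstream version number, so a version string alone can neither confirm nor rule out exposure on a distribution-packaged host.

```python
import re
from typing import Optional

# Affected ranges as stated in the CVE description: all 1.3.x, 2.0.x up to and
# including 2.0.64, 2.2.x up to and including 2.2.19. None means "whole branch".
AFFECTED = {
    (1, 3): None,
    (2, 0): (2, 0, 64),
    (2, 2): (2, 2, 19),
}

_BANNER = re.compile(r"Apache/(\d+)\.(\d+)(?:\.(\d+))?")


def parse_httpd_version(banner: str) -> Optional[tuple[int, int, int]]:
    """Pull (major, minor, patch) out of a Server banner or `httpd -v` line,
    e.g. 'Apache/2.2.15 (CentOS)' -> (2, 2, 15). A banner with ServerTokens
    Prod ('Apache') or a different server yields None."""
    m = _BANNER.search(banner)
    if not m:
        return None
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))


def version_in_affected_range(version: tuple[int, int, int]) -> bool:
    """True if the upstream version number falls inside one of the ranges."""
    branch = version[:2]
    if branch not in AFFECTED:
        return False  # e.g. 2.4.x, which is outside every listed range
    last_affected = AFFECTED[branch]
    return last_affected is None or version <= last_affected


def assess(banner: str) -> str:
    """Triage verdict for one banner. In-range is only 'possibly affected'
    because distribution packages backport fixes under the old version."""
    v = parse_httpd_version(banner)
    if v is None:
        return "unknown: no Apache version in banner"
    label = f"{v[0]}.{v[1]}.{v[2]}"
    if version_in_affected_range(v):
        return f"possibly affected: {label} is within the CVE-2011-3192 ranges; check for a vendor backport"
    return f"not in affected range: {label}"


# Constructed sample banners, not observations from real hosts.
SAMPLE_BANNERS = [
    "Apache/2.2.19 (Unix)",
    "Apache/2.2.20 (Unix)",
    "Apache/2.2.3 (Red Hat)",
    "Apache/1.3.42 (Unix)",
    "Apache/2.4.41 (Ubuntu)",
    "Apache",
    "nginx/1.18.0",
]

if __name__ == "__main__":
    for banner in SAMPLE_BANNERS:
        print(f"{banner:24s} -> {assess(banner)}")
```

For a host that reports "possibly affected", the decisive evidence is the package changelog or the vendor advisory for that package version, or a controlled test against a non-production instance; the banner only tells you which advisory to go and read.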

References

Name | Source URL | Tags
20110824 Re: Apache Killer | http://archives.neohapsis.com/archives/fulldisclosure/2011-08/0285.html | FULLDISC
http://blogs.oracle.com/security/entry/security_alert_for_cve_2011 | http://blogs.oracle.com/security/entry/security_alert_for_cve_2011 | CONFIRM
APPLE-SA-2011-10-12-3 | http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html | APPLE
openSUSE-SU-2011:0993 | http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00006.html | SUSE
SUSE-SU-2011:1000 | http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html | SUSE
SUSE-SU-2011:1007 | http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00010.html | SUSE
SUSE-SU-2011:1010 | http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00011.html | SUSE
SUSE-SU-2011:1216 | http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html | SUSE
SUSE-SU-2011:1229 | http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html | SUSE
[announce] 20110824 Advisory: Range header DoS vulnerability Apache HTTPD 1.3/2.x (CVE-2011-3192) | http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3c20110824161640.122D387DD@mino | MLIST, Vendor Advisory
[dev] 20110823 Re: DoS with mod_deflate & range requests | http://mail-archives.apache.org/mod_mbox/httpd-dev/201108.mbox/%3cCAAPSnn2PO-d-C4nQt_TES2RRWiZr7uref | MLIST, Patch
HPSBUX02702 | http://marc.info/?l=bugtraq&m=131551295528105&w=2 | HP
HPSBUX02707 | http://marc.info/?l=bugtraq&m=131731002122529&w=2 | HP
SSRT100619 | http://marc.info/?l=bugtraq&m=132033751509019&w=2 | HP
SSRT100624 | http://marc.info/?l=bugtraq&m=133477473521382&w=2 | HP
SSRT100852 | http://marc.info/?l=bugtraq&m=133951357207000&w=2 | HP
SSRT100966 | http://marc.info/?l=bugtraq&m=134987041210674&w=2 | HP
74721 | http://osvdb.org/74721 | OSVDB
20110820 Apache Killer | http://seclists.org/fulldisclosure/2011/Aug/175 | FULLDISC, Exploit
45606 | http://secunia.com/advisories/45606 | SECUNIA, Vendor Advisory
45937 | http://secunia.com/advisories/45937 | SECUNIA
46000 | http://secunia.com/advisories/46000 | SECUNIA
46125 | http://secunia.com/advisories/46125 | SECUNIA
46126 | http://secunia.com/advisories/46126 | SECUNIA
1025960 | http://securitytracker.com/id?1025960 | SECTRACK
http://support.apple.com/kb/HT5002 | http://support.apple.com/kb/HT5002 | CONFIRM
http://www.apache.org/dist/httpd/Announcement2.2.html | http://www.apache.org/dist/httpd/Announcement2.2.html | CONFIRM
20110830 Apache HTTPd Range Header Denial of Service Vulnerability | http://www.cisco.com/en/US/products/products_security_advisory09186a0080b90d73.shtml | CISCO
17696 | http://www.exploit-db.com/exploits/17696 | EXPLOIT-DB, Exploit
http://www.gossamer-threads.com/lists/apache/dev/401638 | http://www.gossamer-threads.com/lists/apache/dev/401638 | CONFIRM
VU#405811 | http://www.kb.cert.org/vuls/id/405811 | CERT-VN, US Government Resource
MDVSA-2011:130 | http://www.mandriva.com/security/advisories?name=MDVSA-2011:130 | MANDRIVA
MDVSA-2013:150 | http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA
http://www.oracle.com/technetwork/topics/security/alert-cve-2011-3192-485304.html | http://www.oracle.com/technetwork/topics/security/alert-cve-2011-3192-485304.html | CONFIRM
http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html | http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html | CONFIRM
http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | CONFIRM
http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html | http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html | CONFIRM
RHSA-2011:1245 | http://www.redhat.com/support/errata/RHSA-2011-1245.html | REDHAT
RHSA-2011:1294 | http://www.redhat.com/support/errata/RHSA-2011-1294.html | REDHAT
RHSA-2011:1300 | http://www.redhat.com/support/errata/RHSA-2011-1300.html | REDHAT
RHSA-2011:1329 | http://www.redhat.com/support/errata/RHSA-2011-1329.html | REDHAT
RHSA-2011:1330 | http://www.redhat.com/support/errata/RHSA-2011-1330.html | REDHAT
RHSA-2011:1369 | http://www.redhat.com/support/errata/RHSA-2011-1369.html | REDHAT
49303 | http://www.securityfocus.com/bid/49303 | BID
USN-1199-1 | http://www.ubuntu.com/usn/USN-1199-1 | UBUNTU
https://bugzilla.redhat.com/show_bug.cgi?id=732928 | https://bugzilla.redhat.com/show_bug.cgi?id=732928 | CONFIRM, Exploit
apache-http-byterange-dos(69396) | https://exchange.xforce.ibmcloud.com/vulnerabilities/69396 | XF
https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0 | https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Ex | CONFIRM
https://issues.apache.org/bugzilla/show_bug.cgi?id=51714 | https://issues.apache.org/bugzilla/show_bug.cgi?id=51714 | CONFIRM, Exploit
[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html | https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs | MLIST
[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html | https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs | MLIST
[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html | https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs | MLIST
[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html | https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs | MLIST
[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html | https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccv | MLIST
[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html | https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccv | MLIST
[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html | https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccv | MLIST
[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html | https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccv | MLIST
oval:org.mitre.oval:def:14762 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14762 | OVAL
oval:org.mitre.oval:def:14824 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14824 | OVAL
oval:org.mitre.oval:def:18827 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18827 | OVAL