7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.963 High
EPSS
Percentile
99.6%
CentOS Errata and Security Advisory CESA-2011:1245
The Apache HTTP Server is a popular web server.
A flaw was found in the way the Apache HTTP Server handled Range HTTP
headers. A remote attacker could use this flaw to cause httpd to use an
excessive amount of memory and CPU time via HTTP requests with a
specially-crafted Range header. (CVE-2011-3192)
All httpd users should upgrade to these updated packages, which contain a
backported patch to correct this issue. After installing the updated
packages, the httpd daemon must be restarted for the update to take effect.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2011-September/079872.html
https://lists.centos.org/pipermail/centos-announce/2011-September/079873.html
Affected packages:
httpd
httpd-devel
httpd-manual
httpd-suexec
mod_ssl
Upstream details at:
https://access.redhat.com/errata/RHSA-2011:1245
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 4 | i386 | httpd | <Β 2.0.52-48.ent.centos4 | httpd-2.0.52-48.ent.centos4.i386.rpm |
CentOS | 4 | i386 | httpd-devel | <Β 2.0.52-48.ent.centos4 | httpd-devel-2.0.52-48.ent.centos4.i386.rpm |
CentOS | 4 | i386 | httpd-manual | <Β 2.0.52-48.ent.centos4 | httpd-manual-2.0.52-48.ent.centos4.i386.rpm |
CentOS | 4 | i386 | httpd-suexec | <Β 2.0.52-48.ent.centos4 | httpd-suexec-2.0.52-48.ent.centos4.i386.rpm |
CentOS | 4 | i386 | mod_ssl | <Β 2.0.52-48.ent.centos4 | mod_ssl-2.0.52-48.ent.centos4.i386.rpm |
CentOS | 4 | x86_64 | httpd | <Β 2.0.52-48.ent.centos4 | httpd-2.0.52-48.ent.centos4.x86_64.rpm |
CentOS | 4 | x86_64 | httpd-devel | <Β 2.0.52-48.ent.centos4 | httpd-devel-2.0.52-48.ent.centos4.x86_64.rpm |
CentOS | 4 | x86_64 | httpd-manual | <Β 2.0.52-48.ent.centos4 | httpd-manual-2.0.52-48.ent.centos4.x86_64.rpm |
CentOS | 4 | x86_64 | httpd-suexec | <Β 2.0.52-48.ent.centos4 | httpd-suexec-2.0.52-48.ent.centos4.x86_64.rpm |
CentOS | 4 | x86_64 | mod_ssl | <Β 2.0.52-48.ent.centos4 | mod_ssl-2.0.52-48.ent.centos4.x86_64.rpm |