Apache HTTPd Range Header Denial of Service Vulnerability

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

Home
Ask the Team
Mailing Lists
Advertising Info
Advisories
About SecuriTeam
Blogs

Brought to you by:

Suppliers of:

SecuriTeam in Your Inbox

New vulnerability?
New tool?
Tell us
(Our PGP key).

Confidence 2013

5% Off any SANS course
Use Code: SecuriTeam_5

Hack In Paris

La Nuit du Hack

Subjects of Interest:
Vulnerability Management
SQL Injection
Buffer Overflows
Active Network Scanning
Fuzzing
Fuzzer Report
Network Security
Network Scanner
Pen Testing
Security Scanner

Successful exploitation of this vulnerability could cause significant memory and CPU utilization on affected products. Repeated exploitation could result in a sustained DoS condition.

Credit:
The original article can be found at: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3192
The original article can be found at: http://seclists.org/fulldisclosure/2011/Aug/175

Free Website Security Scan	Free Fuzzer Report	Vulnerability Assessment
Detect web app vulnerabilities	University study comparing the top	Accurate and automated scanning
Get guidance from professionals.	6 commercially availble fuzzers.	for networks of any size.

Protect your website!
Free Trial, Nothing to install.
No interruption of visitors.
www.beyondsecurity.com/vulnerability-scanner

.Vulnerable Systems:
* Cisco MDS 9000 NX-OS Software releases prior to 5.x are affected. Cisco MDS 9000 NX-OS Software releases 5.x and later are not affected.
*Cisco SAN-OS 3.x.
*Cisco TelePresence Video Communication Server (Cisco TelePresence VCS)
*All Cisco CTS TelePresence Systems
*Cisco Video Surveillance Manager (VSM)
*Cisco Video Surveillance Operations Manager (VSOM)
*Management Center for Cisco Security Agent. Cisco Security Agent (client software) is not affected.
*Cisco Wireless Control System (WCS)
*Cisco Wide Area Application Services (WAAS) Software
*Cisco Quad
*Cisco Network Collector
*Cisco Mobility Services Engine
*CiscoWorks Common Services
*CiscoWorks LAN Management Solution

Immune Systems:
*Cisco ASA 5500 Series Adaptive Security Appliances
*Cisco Catalyst 6500 Series ASA Services Module
*Cisco Catalyst 6500 Series Firewall Services Module
*Cisco Fabric Manager
*Cisco Identity Services Engine
*Cisco Intercompany Media Engine
*Cisco IOS Software
*Cisco IOS XE Software
*Cisco IOS XR Software
*Cisco IP Interoperability and Collaboration System (IPICS)
*Cisco IPS Software
*Cisco Unified IP Phones
*Cisco MDS 9000 NX-OS Software releases 5.x or later (prior versions are affected)
*Cisco Nexus 7000 Series (further testing and verification showed that Cisco NX-OS on Nexus 7000 is not affected by this vulnerability)
*Cisco Nexus 4000 Series
*Cisco Nexus 3000 Series
*Cisco Nexus 5000 Series
*Cisco Nexus 1000v Series
*Cisco Prime Central
*Cisco Prime Optical
*Cisco Prime Performance Manager
*Cisco Secure Access Control System (ACS)
*Cisco TelePresence Server
*Cisco Unified Communications Manager (formerly Cisco CallManager)
*Cisco Unity
*Cisco Unity Connection
*Cisco Wireless LAN Controllers (WLC)
*Cisco Wireless Location Appliance
*CiscoWorks Wireless LAN Solution Engine (WLSE)
*Cisco Prime Network Control System (NCS)
*Cisco Detector XT DDoS Mitigation Appliance
*Cisco Guard XT DDoS Mitigation Appliance
*Cisco Tidal Enterprise Orchestrator

The Apache HTTPd server contains a denial of service vulnerability when it handles multiple overlapping ranges. Multiple Cisco products may be affected by this vulnerability.

Vendor Status:
Cisco has issued an update to correct this vulnerability

Patch Availability:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20110830-apache

CVE Information:
CVE-2011-3192

Disclosure Timeline:
2012-January-23 Updated the Software Versions and Fixes section.
2011-September-13 Updated the Products Confirmed Not Vulnerable section.
2011-September-08 Updated Vulnerable Products and Software Versions and Fixes sections.
2011-September-06 Updated Vulnerable Products and Software Versions and Fixes sections.
2011-September-02 Updated Vulnerable Products and Software Versions and Fixes sections. Added Cisco Network Collector to Vulnerable Products section.
2011-September-01 Added Cisco Quad to Vulnerable Products section and revised Software Versions and Fixes section.
2011-August-31 Updated Vulnerable Products, Products Confirmed Not Vulnerable, and Details sections with additional information about vulnerable and unaffected products.
2011-August-30 Initial public release.

blog comments powered by Disqus

	Moodle WebDav Repository Plaintext Password Disclosure Vulnerability
	QuickShare File Share Directory Traversal Vulnerability
	ELinks Security Bypass Vulnerability
	BlazeDVD PLF Exploit DEP/ASLR Bypass (MSF) Vulnerability
	WebKit Web Audio Channel Handling Race Condition Buffer Overflow Vulnerability
	Verax NMS Console AMF Response Plaintext Connection Information Disclosure Vulnerability
	Simeji for Android Application Handling Information Disclosure Vulnerability
	Ptlib Entity Expansion Recursion XML Nested Entity Handling DoS Vulnerability
	ownCloud /core/settings/ajax/setquota.php quota Parameter XSS Vulnerability
	Nitro Pro PDF File Handling DoS Vulnerability
	MailOrderWorks Dispatch Order Multiple Field XSS Vulnerability
	Linux Kernel Dccp Subsystem Ccid Null Pointer Dereference Local DoS Vulnerability
	ISC DHCP libdns Unspecified Remote Memory Exhaustion DoS Vulnerability
	GroundWork Monitor Enterprise Noma Component Multiple XSS Vulnerability
	GroundWork Monitor Enterprise Foundation Admin Interface XSS Vulnerability
	Google Chrome Isolated Web Sites Process Handling Issue Vulnerability
	Google Android On Samsung Unprivileged Arbitrary SMS Message Sending Vulnerability
	FFmpeg Libavcodec/error Function NULL Pointer Dereference DoS Vulnerability
	Commons Groups Module for Drupal Group Access Restriction Bypass Vulnerability
	Cfingerd RFC1413 (Ident) Client Remote Overflow Vulnerability

Featured Articles

	Mozilla Multiple Product HTML Editor Function Use-after-free Arbitrary Code Execution Vulnerability
	Exim with Dovecot Typical Misconfiguration Leads to Remote Command Execution Vulnerability
	IBM InfoSphere Information Server Unspecified Arbitrary Site Redirect Vulnerability
	Cisco Unity Express /Web/SA2/ScriptList.do gui_pagenotableData Parameter XSS Vulnerability
	Supportworks ITSM SQL Injection Vulnerability
	WirelessFiles for iPad/iPhone Multiple File Extension Upload Arbitrary Script Code Execution Vulnerability
	IBM InfoSphere Information Server Import Export Manager Path Subversion Arbitrary DLL Injection Code Execution Vulnerability
	CommentLuv Plugin for WordPress /wp-admin/admin-ajax.php _ajax_nonce Parameter XSS Vulnerability
	ownCloud Multiple Script Multiple Administrator Action CSRF Vulnerability
	IBM Multiple Product XSS Vulnerability
	TLS / DTLS Protocol CBC-Mode Ciphersuite Distinguishing Attack Information Disclosure Weakness Vulnerability
	JBoss Enterprise Application Platform / JBoss Enterprise Web Platform JMX Invoker Roll Restriction Weakness Vulnerability
	Google AD Sync Tool Exposure Of Sensitive Information Vulnerability
	VMware Multiple Product vmci.sys VMCI Control Code Handling Local Privilege Escalation Vulnerability
	Cisco Unity Express /Web/SA/SaveConfiguration.do Multiple Action CSRF Vulnerability
	AdPeeps /adpeeps_servlet.php Bannertext Parameter XSS Vulnerability
	Oracle Application Framework Diagnostic Mode Bypass Vulnerability
	Nero MediaHome NMMediaServer.dll Long Request Line Off-By-One Overflow Vulnerability
	Samba Samba Web Administration Tool (SWAT) Manipulation CSRF Vulnerability
	Adobe Flash Player And AIR Context Dependent Attacker Buffer Overflow Vulnerability

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus - Blogs - CVEs