Scripthttp-vuln-cve2011-3192
Script types:portrule
Categories:vuln,safe
Download:https://svn.nmap.org/nmap/scripts/http-vuln-cve2011-3192.nse
Script Summary
Detects a denial of service vulnerability in the way the Apache web serverhandles requests for multiple overlapping/simple ranges of a page.
References:
- https://seclists.org/fulldisclosure/2011/Aug/175
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192
- https://www.tenable.com/plugins/nessus/55976
See also:
Script Arguments
- http-vuln-cve2011-3192.path
Define the request path
- http-vuln-cve2011-3192.hostname
Define the host name to be used in the HEAD request sent to the server
- slaxml.debug
See the documentation for theslaxml library.
- http.host,http.max-body-size,http.max-cache-size,http.max-pipeline,http.pipeline,http.truncated-ok,http.useragent
See the documentation for thehttp library.
- smbdomain,smbhash,smbnoguest,smbpassword,smbtype,smbusername
See the documentation for thesmbauth library.
- vulns.short,vulns.showall
See the documentation for thevulns library.
Example Usage
nmap --script http-vuln-cve2011-3192.nse [--script-args http-vuln-cve2011-3192.hostname=nmap.scanme.org] -pT:80,443 <host>
Script Output
Host script results:| http-vuln-cve2011-3192:| VULNERABLE:| Apache byterange filter DoS| State: VULNERABLE| IDs: CVE:CVE-2011-3192 BID:49303| Description:| The Apache web server is vulnerable to a denial of service attack when numerous| overlapping byte ranges are requested.| Disclosure date: 2011-08-19| References:| https://seclists.org/fulldisclosure/2011/Aug/175| https://www.tenable.com/plugins/nessus/55976| https://www.securityfocus.com/bid/49303|_ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192
Requires
Author:
- Duarte Silva <duarte.silva@serializing.me>
License: Same as Nmap--Seehttps://nmap.org/book/man-legal.html