Script http-vuln-cve2011-3192
Script types:
portrule
Categories:
vuln, safe
Download: https://svn.nmap.org/nmap/scripts/http-vuln-cve2011-3192.nse
Script Summary
Detects a denial of service vulnerability in the way the Apache web server handles requests for multiple overlapping/simple ranges of a page.
References:
- https://seclists.org/fulldisclosure/2011/Aug/175
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192
- https://www.tenable.com/plugins/nessus/55976
See also:
Script Arguments
- http-vuln-cve2011-3192.path
Define the request path
- http-vuln-cve2011-3192.hostname
Define the host name to be used in the HEAD request sent to the server
- slaxml.debug
See the documentation for the slaxml library.
- http.host, http.max-body-size, http.max-cache-size, http.max-pipeline, http.pipeline, http.truncated-ok, http.useragent
See the documentation for the http library.
- smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername
See the documentation for the smbauth library.
- vulns.short, vulns.showall
See the documentation for the vulns library.
Example Usage
nmap --script http-vuln-cve2011-3192.nse [--script-args http-vuln-cve2011-3192.hostname=nmap.scanme.org] -pT:80,443 <host>
Script Output
Host script results: | http-vuln-cve2011-3192: | VULNERABLE: | Apache byterange filter DoS | State: VULNERABLE | IDs: CVE:CVE-2011-3192 BID:49303 | Description: | The Apache web server is vulnerable to a denial of service attack when numerous | overlapping byte ranges are requested. | Disclosure date: 2011-08-19 | References: | https://seclists.org/fulldisclosure/2011/Aug/175 | https://www.tenable.com/plugins/nessus/55976 | https://www.securityfocus.com/bid/49303 |_ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192
Requires
Author:
License: Same as Nmap--See https://nmap.org/book/man-legal.html