diff --git a/CHANGELOG b/CHANGELOG
index 4453cd180..69597495d 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,8 @@
 # Nmap Changelog ($Id$); -*-text-*-
 
+o [NSE] Fixed a false positive in http-vuln-cve2011-3192.nse, which detected
+  Apache 2.2.22 as vulnerable. [Michael Meyer]
+
 o [NSE] Added changes to brute and unpwdb libraries to allow more flexible iterator
   specification and control. [Aleksandar Nikolic]
 
diff --git a/scripts/http-vuln-cve2011-3192.nse b/scripts/http-vuln-cve2011-3192.nse
index c72f6894b..4571addec 100644
--- a/scripts/http-vuln-cve2011-3192.nse
+++ b/scripts/http-vuln-cve2011-3192.nse
@@ -107,7 +107,7 @@ overlapping byte ranges are requested.]],
         -- than allowed).
         -- Vulnerable servers will reply with another code 206 response. Patched
         -- ones will return a code 200.
-        request_opts.header.Range = "bytes=0-0,1-1,2-2,3-3,4-4,5-5,6-6,7-7,8-8,9-9,10-10"
+        request_opts.header.Range = "bytes=1-0,0-0,1-1,2-2,3-3,4-4,5-5,6-6,7-7,8-8,9-9,10-10"
 
         response = http.head(host, port, path, request_opts)