Fixed a false positive in http-vuln-cve2011-3192.nse, which detected Apache

2.2.22 as vulnerable. The corresponding ChangeLog entry for Apache 2.2.22 says: """ Fix a regression introduced by the CVE-2011-3192 byterange fix in 2.2.20: A range of '0-' will now return 206 instead of 200. """ https://issues.apache.org/bugzilla/show_bug.cgi?id=51878
2025-12-06 04:31:29 +00:00 · 2012-07-12 17:00:41 +00:00
parent f083222ea9
commit 51cf3b0df9
2 changed files with 4 additions and 1 deletions
--- a/3
+++ b/3
@@ -1,5 +1,8 @@
 # Nmap Changelog ($Id$); -*-text-*-

+o [NSE] Fixed a false positive in http-vuln-cve2011-3192.nse, which detected
+  Apache 2.2.22 as vulnerable. [Michael Meyer]
+
 o [NSE] Added changes to brute and unpwdb libraries to allow more flexible iterator
  specification and control. [Aleksandar Nikolic]

--- a/scripts/http-vuln-cve2011-3192.nse
+++ b/scripts/http-vuln-cve2011-3192.nse
@@ -107,7 +107,7 @@ overlapping byte ranges are requested.]],
        -- than allowed).
        -- Vulnerable servers will reply with another code 206 response. Patched
        -- ones will return a code 200.
-        request_opts.header.Range = "bytes=0-0,1-1,2-2,3-3,4-4,5-5,6-6,7-7,8-8,9-9,10-10"
+        request_opts.header.Range = "bytes=1-0,0-0,1-1,2-2,3-3,4-4,5-5,6-6,7-7,8-8,9-9,10-10"

        response = http.head(host, port, path, request_opts)