{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Apache httpd versions 1.3.42 et ant\u00e9rieures.","product":{"name":"N/A","vendor":{"name":"Apache","scada":false}}},{"description":"Apache httpd versions 2.2.19 et ant\u00e9rieures;","product":{"name":"N/A","vendor":{"name":"Apache","scada":false}}},{"description":"Apache httpd versions 2.0.64 et ant\u00e9rieures;","product":{"name":"N/A","vendor":{"name":"Apache","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nUne vuln\u00e9rabilit\u00e9 relative \u00e0 la gestion de certains param\u00e8tres d'en-t\u00eate\nHTTP est pr\u00e9sente dans le serveur web Apache httpd. Elle permet \u00e0 un\nutilisateur distant malintentionn\u00e9 de provoquer une consommation m\u00e9moire\nexcessive du serveur au moyen d'une requ\u00eate HTTP sp\u00e9cialement con\u00e7ue.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2011-3192","url":"https://www.cve.org/CVERecord?id=CVE-2011-3192"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 HP c02997184 du 08 septembre 2011 :","url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02997184"},{"title":"Bulletins de s\u00e9curit\u00e9 RedHat RHSA-2011:1245-1 31 ao\u00fbt 2011    :","url":"http://rhn.redhat.com/errata/RHSA-2011-1245.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Debian DSA 2298 du 29 ao\u00fbt 2011 :","url":"http://www.debian.org/security/2011/dsa-2298"},{"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20110830-apache du 09    septembre 2011 :","url":"http://www.cisco.com/warp/public/707/cisco-sa-20110830-apache.shtml"},{"title":"Bulletin de s\u00e9curit\u00e9 IBM ISS Xforce 69396 du 23 ao\u00fbt 2011 :","url":"http://xforce.iss.net/xforce/xfdb/69396"},{"title":"Bulletin de s\u00e9curit\u00e9 Mandriva MDVSA-2011:130 du 04    septembre 2011 :","url":"http://www.mandriva.com/fr/support/security/advisories/?dis=2010&name=MDVSA-2011:130"},{"title":"Bulletin de s\u00e9curit\u00e9 Ubuntu USN-1199-1 du 01 septembre 2011    :","url":"http://www.ubuntulinux.org/usn/usn-1199-1"},{"title":"Bulletin de s\u00e9curit\u00e9 Novell (Suse) CVE-2011-3192 du 06    septembre 2011 :","url":"http://support.novell.com/security/cve/CVE-2011-3192.html"},{"title":"Alerte de s\u00e9curit\u00e9 Oracle du 15 septembre 2011 :","url":"http://www.oracle.com/technetwork/topics/security/alert-cve-2011-3192-485304.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Hitachi HS11-019 du 05 septembre 2011    :","url":"http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS11-019/index.html"}],"reference":"CERTA-2011-AVI-490","revisions":[{"description":"version initiale.","revision_date":"2011-09-01T00:00:00.000000"},{"description":"ajout des r\u00e9f\u00e9rences aux bulletins Cisco, Hitachi, HP, Mandriva, Novell (Suse), RedHat et Ubuntu.","revision_date":"2011-09-13T00:00:00.000000"},{"description":"ajout de la r\u00e9f\u00e9rence au bulletin Oracle.","revision_date":"2011-11-21T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"}],"summary":"Une vuln\u00e9rabilit\u00e9 pr\u00e9sente dans <span class=\"textit\">Apache httpd</span>\npermet \u00e0 un utilisateur distant malintentionn\u00e9 de provoquer un d\u00e9ni de\nservice.\n","title":"Vuln\u00e9rabilit\u00e9 dans Apache httpd","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Apache du 30 ao\u00fbt 2011","url":"http://httpd.apache.org/security/vulnerabilities_22.html#2.2.20"}]}