English
The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1

Avaya Experience Portal Apache HTTP Server ByteRange Filter Denial of Service Vulnerability


Secunia ID

SA51480

CVE-ID

CVE-2011-3192

Release Date

07 Dec 2012

Criticality

Moderately Critical

Solution Status

Vendor Patch

Software

Avaya Experience Portal 6.x

Where

From remote

Impact
DoS (Denial of Service)

This includes vulnerabilities ranging from excessive resource consumption (e.g. causing a system to use a lot of memory) to crashing an application or an entire system.

Description

Avaya has acknowledged a vulnerability in Avaya Experience Portal, which can be exploited by malicious people to cause a DoS (Denial of Service).

For more information:
SA45606

The vulnerability is reported in version 6.0.

Solution

Update to version 6.0 SP1.

Original Advisory

ASA-2011-281:
https://downloads.avaya.com/css/P8/documents/100148618