Ubuntu: (Multiple Advisories) (CVE-2017-9798): Apache HTTP Server vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:P/I:N/A:N) | September 18, 2017 | September 19, 2017 | December 20, 2017 |
Description
Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.
Scan For This Vulnerability
Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities
References
- UBUNTU-USN-3425-1
- UBUNTU-USN-3425-2
- DEBIAN-DSA-3980
- BID-100872
- SECTRACK-1039387
- REDHAT-RHSA-2017:2882
- REDHAT-RHSA-2017:2972
- REDHAT-RHSA-2017:3018
- REDHAT-RHSA-2017:3113
- REDHAT-RHSA-2017:3114
- REDHAT-RHSA-2017:3193
- REDHAT-RHSA-2017:3194
- REDHAT-RHSA-2017:3195
- REDHAT-RHSA-2017:3239
- REDHAT-RHSA-2017:3240
- REDHAT-RHSA-2017:3475
- REDHAT-RHSA-2017:3476
- REDHAT-RHSA-2017:3477
- GENTOO-GLSA-201710-32
- NVD-CVE-2017-9798
Solution
ubuntu-upgrade-apache2-2-binRelated Vulnerabilities
- Gentoo Linux: CVE-2017-9798: Apache: Multiple vulnerabilities
- IBM HTTP Server: CVE-2017-9798: Security Vulnerability
- Debian: CVE-2017-9798: apache2 -- security update
- Oracle Linux: (CVE-2017-9798) (Multiple Advisories): httpd security update
- Huawei EulerOS: CVE-2017-9798: httpd security update
- Oracle Solaris 11: CVE-2017-9798: Vulnerability in Apache HTTP server
- SUSE: CVE-2017-9798: SUSE Linux Security Advisory
- Red Hat: CVE-2017-9798: Moderate: httpd security update (Multiple Advisories)
- Amazon Linux AMI: CVE-2017-9798: Security patch for httpd24,httpd (ALAS-2017-896)
- OS X update for apache (CVE-2017-9798)
- FreeBSD: VID-76B085E2-9D33-11E7-9260-000C292EE6B8 (CVE-2017-9798): Apache -- HTTP OPTIONS method can leak server memory
- Apache HTTPD: Use-after-free when using
with an unrecognized method in .htaccess ("OptionsBleed") (CVE-2017-9798) - Huawei EulerOS: CVE-2017-9798: httpd security update
- CentOS: (CVE-2017-9798) (Multiple Advisories): httpd