Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2017-9798

Good to know:

icon

Date: September 18, 2017

Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.

Language: C

Severity Score

Related Resources (59)

https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
http://www.securityfocus.com/bid/105598
https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
https://nvd.nist.gov/vuln/detail/CVE-2017-9798
https://access.redhat.com/errata/RHSA-2017:2972
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
https://www.tenable.com/security/tns-2019-09
https://github.com/hannob/optionsbleed
https://access.redhat.com/errata/RHSA-2017:3018
https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
https://security-tracker.debian.org/tracker/CVE-2017-9798
https://security.netapp.com/advisory/ntap-20180601-0003/
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
https://access.redhat.com/errata/RHSA-2017:2882
https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch
https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
https://github.com/apache/httpd/commit/4cc27823899e070268b906ca677ee838d07cf67a
https://access.redhat.com/errata/RHSA-2017:3240
https://support.apple.com/HT208331
https://www.exploit-db.com/exploits/42745/
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2017-9798
https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9798
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E
http://openwall.com/lists/oss-security/2017/09/18/2
https://access.redhat.com/security/cve/CVE-2017-9798
https://access.redhat.com/errata/RHSA-2017:3239
http://www.debian.org/security/2017/dsa-3980
https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
http://www.securityfocus.com/bid/100872
http://www.securitytracker.com/id/1039387
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us
https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
https://access.redhat.com/errata/RHSA-2017:3195
https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E
https://access.redhat.com/errata/RHSA-2017:3193
https://access.redhat.com/errata/RHSA-2017:3194
https://access.redhat.com/errata/RHSA-2017:3475
https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
https://access.redhat.com/errata/RHSA-2017:3113
https://access.redhat.com/errata/RHSA-2017:3476
https://access.redhat.com/errata/RHSA-2017:3114
https://access.redhat.com/errata/RHSA-2017:3477
https://security.gentoo.org/glsa/201710-32
https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
https://www.mend.io/vulnerability-database/CVE-2017-9798

Severity Score

Weakness Type (CWE)

Use After Free

CWE-416

Top Fix

icon

Upgrade Version

Upgrade to version 2.4.28

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): NONE
Availability (A): NONE

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): LOW
Authentication (AU): NONE
Confidentiality (C): PARTIAL
Integrity (I): NONE
Availability (A): NONE
Additional information:

Do you need more information?

Contact Us