CVE-2017-9798
Description
Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a users .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
93.84
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Update Apache to version 2.4.28 | Windows |
| Update Apache to version 2.2.34 | Windows |
| Vulnerabilities CVE-2020-11985,CVE-2017-9798,CVE-2017-12618,CVE-2016-8743 are fixed in IBM HTTP 9.0.0.3 | Windows |
| Multiple vulnerabilities are fixed in IBM HTTP 7.0.0.45 | Windows |
| Vulnerabilities CVE-2017-9798,CVE-2017-12618 are fixed in IBM HTTP 9.0.0.6 | Windows |
| Vulnerabilities CVE-2017-9798,CVE-2017-12618 are fixed in IBM HTTP 8.5.5.13 | Windows |
| Vulnerabilities CVE-2017-9798,CVE-2017-12618 are fixed in IBM HTTP 8.0.0.15 | Windows |
| Multiple vulnerabilities are fixed in IBM WebSphere 8.0.0.15 | Windows |
| Multiple vulnerabilities are fixed in IBM WebSphere 7.0.0.45 | Windows |
| Vulnerabilities CVE-2017-9798,CVE-2017-12618 are fixed in IBM WebSphere 9.0.0.6 | Windows |
| Multiple vulnerabilities are fixed in IBM WebSphere 8.5.5.13 | Windows |
| Multiple vulnerabilities are affected in Oracle HTTP Server 11.1.1.9.0 | Windows |
| Multiple vulnerabilities are affected in Oracle HTTP Server 12.1.3.0.0 | Windows |
| Vulnerabilities CVE-2015-2808,CVE-2016-2183,CVE-2017-9798,CVE-2018-2561 are affected in Oracle HTTP Server 11.1.1.7.0 | Windows |
| Vulnerabilities CVE-2015-2808,CVE-2016-2183,CVE-2017-9798,CVE-2018-2561 are affected in Oracle HTTP Server 12.2.1.2.0 | Windows |
| Multiple vulnerabilities are affected in Oracle HTTP Server 12.2.1.3.0 | Windows |
| Multiple vulnerabilities are affected in Oracle PeopleSoft Enterprise PeopleTools 8.55 | Windows |
| Multiple vulnerabilities are affected in Oracle PeopleSoft Enterprise PeopleTools 8.56 | Windows |
| Multiple vulnerabilities are fixed in macOS High Sierra 10.13.2 | Mac |
| Multiple vulnerabilities are fixed in macOS High Sierra 10.13.2 Combo Update | Mac |
| Apache2 2.4.25-3ubuntu2 for Ubuntu 17.04 (x64) apache2_2.4.25-3ubuntu2.3_amd64.deb | Linux |
| Apache2 2.4.25-3ubuntu2 for Ubuntu 17.04 apache2_2.4.25-3ubuntu2.3_i386.deb | Linux |
| Apache HTTP server (USN-3425-1) apache2-bin_2.4.25-3ubuntu2.3_i386.deb | Linux |
| Apache HTTP server (USN-3425-1) apache2-bin_2.4.25-3ubuntu2.3_amd64.deb | Linux |
| Apache HTTP server (USN-3370-1) apache2-bin_2.4.25-3ubuntu2.3_i386.deb | Linux |
| Apache HTTP server (USN-3370-1) apache2-bin_2.4.25-3ubuntu2.3_amd64.deb | Linux |
| Apache2 2.4.25-3+deb9u2 for Debian GNU/Linux 9 (Stretch) (x64) apache2_2.4.25-3+deb9u2_amd64.deb | Linux |
| Apache2 2.4.25-3+deb9u2 for Debian GNU/Linux 9 (Stretch) apache2_2.4.25-3+deb9u2_i386.deb | Linux |
| (RHSA-2017:2972) httpd security update httpd-2.2.15-60.el6_9.6.i686.rpm | Linux |
| (RHSA-2017:2972) httpd security update httpd-2.2.15-60.el6_9.6.x86_64.rpm | Linux |
| (RHSA-2017:2972) httpd security update httpd-devel-2.2.15-60.el6_9.6.i686.rpm | Linux |
| (RHSA-2017:2972) httpd security update httpd-devel-2.2.15-60.el6_9.6.x86_64.rpm | Linux |
| (RHSA-2017:2972) httpd security update httpd-manual-2.2.15-60.el6_9.6.noarch.rpm | Linux |
| (RHSA-2017:2972) httpd security update httpd-tools-2.2.15-60.el6_9.6.i686.rpm | Linux |
| (RHSA-2017:2972) httpd security update httpd-tools-2.2.15-60.el6_9.6.x86_64.rpm | Linux |
| (RHSA-2017:2972) httpd security update mod_ssl-2.2.15-60.el6_9.6.i686.rpm | Linux |
| (RHSA-2017:2972) httpd security update mod_ssl-2.2.15-60.el6_9.6.x86_64.rpm | Linux |
| Httpd update (ELSA-2017-2972) httpd-2.2.15-60.0.1.el6_9.6.x86_64.rpm | Linux |
| Httpd-devel update (ELSA-2017-2972) httpd-devel-2.2.15-60.0.1.el6_9.6.x86_64.rpm | Linux |
| Httpd-tools update (ELSA-2017-2972) httpd-tools-2.2.15-60.0.1.el6_9.6.x86_64.rpm | Linux |
| Mod_ssl update (ELSA-2017-2972) mod_ssl-2.2.15-60.0.1.el6_9.6.x86_64.rpm | Linux |
| Httpd-manual update (ELSA-2017-2972) httpd-manual-2.2.15-60.0.1.el6_9.6.noarch.rpm | Linux |
| Httpd update (ELSA-2017-2972) httpd-2.2.15-60.0.1.el6_9.6.i686.rpm | Linux |
| Httpd-devel update (ELSA-2017-2972) httpd-devel-2.2.15-60.0.1.el6_9.6.i686.rpm | Linux |
| Httpd-tools update (ELSA-2017-2972) httpd-tools-2.2.15-60.0.1.el6_9.6.i686.rpm | Linux |
| Mod_ssl update (ELSA-2017-2972) mod_ssl-2.2.15-60.0.1.el6_9.6.i686.rpm | Linux |
| Update Apache to version 2.4.28 (For Linux) | Linux |
| Update Apache to version 2.2.34 (For Linux) | Linux |
| Use After Free Vulnerability (CVE-2017-9798) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-601562 | macOS High Sierra 10.13.6 - Reboot Automatically |
| PATCH-601563 | macOS High Sierra 10.13.6 Combo Update - Reboot Automatically |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234