SB2017092001 - Use-after-free in Apache HTTP Server
Published: September 20, 2017 Updated: October 3, 2017
Security Bulletin ID
SB2017092001
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Information disclosure
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Use-after-free (CVE-ID: CVE-2017-9798)
The vulnerability allows a remote attacker to obtain potentially sensitive information.
The vulnerability exists due to use-after-free error when processing HTTP OPTIONS requests in server/core.c, when limits are configured in .htaccess or httpd.conf configuration files. A remote unauthenticated attacker can read portions of memory through HTTP OPTIONS requests and gain access to potentially sensitive data.
The vulnerability is dubbed Optionsbleed.
Remediation
Install update from vendor's website.
References
- https://svn.apache.org/viewvc?view=revision&revision=1807655
- https://github.com/hannob/optionsbleed
- http://openwall.com/lists/oss-security/2017/09/18/2
- https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory....
- http://www.apache.org/dist/httpd/CHANGES_2.4.28