#VU8504 Use-after-free in Apache HTTP Server - CVE-2017-9798
Published: September 19, 2017 / Updated: April 7, 2020
Vulnerability identifier: #VU8504
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:A/U:Clear
CVE-ID: CVE-2017-9798
CWE-ID: CWE-416
Exploitation vector: Remote access
Exploit availability:
Public exploit is available
Vulnerable software:
Apache HTTP Server
Apache HTTP Server
Software vendor:
Apache Foundation
Apache Foundation
Description
The vulnerability allows a remote attacker to obtain potentially sensitive information.
The vulnerability exists due to use-after-free error when processing HTTP OPTIONS requests in server/core.c, when limits are configured in .htaccess or httpd.conf configuration files. A remote unauthenticated attacker can read portions of memory through HTTP OPTIONS requests and gain access to potentially sensitive data.
The vulnerability is dubbed Optionsbleed.
Remediation
External links
- https://svn.apache.org/viewvc?view=revision&revision=1807655
- https://github.com/hannob/optionsbleed
- http://openwall.com/lists/oss-security/2017/09/18/2
- https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory....
- http://www.apache.org/dist/httpd/CHANGES_2.4.28