#VU8504 Use-after-free


Published: 2020-03-18 | Updated: 2020-04-07

Vulnerability identifier: #VU8504

Vulnerability risk: Low

CVSSv3.1:

CVE-ID: CVE-2017-9798

CWE-ID: CWE-416

Exploitation vector: Network

Exploit availability: Yes

Vulnerable software:
Apache HTTP Server
Server applications / Web servers

Vendor: Apache Foundation

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The vulnerability exists due to use-after-free error when processing HTTP OPTIONS requests in server/core.c, when limits are configured in .htaccess or httpd.conf configuration files. A remote unauthenticated attacker can read portions of memory through HTTP OPTIONS requests and gain access to potentially sensitive data.

The vulnerability is dubbed Optionsbleed.

Mitigation
Update to version 2.4.28.
http://www.apache.org/dist/httpd/CHANGES_2.4.28

Vulnerable software versions

Apache HTTP Server: 2.2.0 - 2.4.27


CPE

External links
http://svn.apache.org/viewvc?view=revision&revision=1807655 
http://github.com/hannob/optionsbleed
http://openwall.com/lists/oss-security/2017/09/18/2
http://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory....
http://www.apache.org/dist/httpd/CHANGES_2.4.28


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?


Latest bulletins with this vulnerability