CVE-2017-9798

Priority
Medium
Description
Apache httpd allows remote attackers to read secret data from process
memory if the Limit directive can be set in a user's .htaccess file, or if
httpd.conf has certain misconfigurations, aka Optionsbleed. This affects
the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The
attacker sends an unauthenticated OPTIONS HTTP request when attempting to
read secret data. This is a use-after-free issue and thus secret data is
not always sent, and the specific data depends on many factors including
configuration. Exploitation with .htaccess can be blocked with a patch to
the ap_limit_section function in server/core.c.
References
Bugs
Assigned-to
mdeslaur
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):released (2.2.22-1ubuntu1.14)
Ubuntu 14.04 LTS (Trusty Tahr):released (2.4.7-1ubuntu4.18)
Ubuntu 16.04 LTS (Xenial Xerus):released (2.4.18-2ubuntu3.5)
Ubuntu 17.04 (Zesty Zapus):released (2.4.25-3ubuntu2.3)
Ubuntu 17.10 (Artful Aardvark):released (2.4.27-2ubuntu3)
Ubuntu 18.04 LTS (Bionic Beaver):released (2.4.27-2ubuntu3)
Patches:
Upstream:https://svn.apache.org/viewvc?view=revision&revision=1807754
More Information

Updated: 2017-12-15 20:36:02 UTC (commit 13913)