CVE-2017-9798

Priority
Medium
Description
Apache httpd allows remote attackers to read secret data from process
memory if the Limit directive can be set in a user's .htaccess file, or if
httpd.conf has certain misconfigurations, aka Optionsbleed. This affects
the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The
attacker sends an unauthenticated OPTIONS HTTP request when attempting to
read secret data. This is a use-after-free issue and thus secret data is
not always sent, and the specific data depends on many factors including
configuration. Exploitation with .htaccess can be blocked with a patch to
the ap_limit_section function in server/core.c.
References
Bugs
Assigned-to
mdeslaur
Package
Upstream:needs-triage
Ubuntu 17.10 (Artful Aardvark):released (2.4.27-2ubuntu3)
Ubuntu 12.04 ESM (Precise Pangolin):needed
Ubuntu 14.04 LTS (Trusty Tahr):released (2.4.7-1ubuntu4.18)
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (2.4.18-2ubuntu3.5)
Ubuntu 17.04 (Zesty Zapus):released (2.4.25-3ubuntu2.3)
Patches:
Upstream:https://svn.apache.org/viewvc?view=revision&revision=1807754
More Information

Updated: 2017-09-21 19:14:14 UTC (commit 13375)