CLD-35 Details

Other IDs this deficiency may be known by:

CVE ID CVE-2017-9798 (nvd) (mitre) (debian) (archlinux) (red hat) (suse) (ubuntu)
Other ID(s) OptionsBleed

Basic Information:

Affected Package(s) apache
Deficiency Type SECURITY
Date Created 2017-09-18 14:01:16
Date Last Modified 2017-09-19 08:34:22

Version Specific Information:

Cucumber 1.0 i686partially fixed in apache-2.4.27-i686-2
Cucumber 1.0 x86_64partially fixed in apache-2.4.27-x86_64-2

Cucumber 1.1 i686 partially fixed in apache-2.4.27-i686-2
Cucumber 1.1 x86_64 partially fixed in apache-2.4.27-x86_64-2

Details:

Apache httpd allows remote attackers to read secret data from process memory if
the Limit directive can be set in a user's .htaccess file, or if httpd.conf has
certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server
through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated
OPTIONS HTTP request when attempting to read secret data. This is a
use-after-free issue and thus secret data is not always sent, and the specific
data depends on many factors including configuration. Exploitation with
.htaccess can be blocked with a patch to the ap_limit_section function in
server/core.c.

This partial fix (apache-2.4.27-i686-2 on Mon Sep 18 17:58:12 EDT 2017) fixes
only the .htaccess portion of the vulnerability.