Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2017-9798 - log back

CVE-2017-9798 created at 25 Sep 2019 19:31:40

Severity

+

High

Remote

+

Remote

Type

+	Information disclosure

Description

+	An use after free vulnerability has been discovered in Apache HTTP 2.4.27 that causes a corrupted Allow header to be constructed in response to HTTP OPTIONS requests. This can leak pieces of arbitrary memory from the server process that may contain secrets. The memory pieces change after multiple requests, so for a vulnerable host an arbitrary number of memory chunks can be leaked.
+	The bug appears if a webmaster tries to use the "Limit" directive with an invalid HTTP method.

References

+	https://bz.apache.org/bugzilla/show_bug.cgi?id=61207
+	https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch
+	http://www.openwall.com/lists/oss-security/2017/09/18/2
+	https://github.com/hannob/optionsbleed

Notes