The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Apache httpd

vulnerability bulletin CVE-2017-9798

Apache httpd: information disclosure via htaccess Limit Optionsbleed

Synthesis of the vulnerability

When Apache httpd hosts an .htaccess file with the Limit option, an OPTIONS query can retrieve an extract of the service memory.
Impacted products: Apache httpd, Mac OS X, Debian, Fedora, WebSphere AS Traditional, Junos Space, openSUSE Leap, Oracle Communications, Oracle Directory Server, Oracle Directory Services Plus, Oracle Fusion Middleware, Oracle Identity Management, Oracle iPlanet Web Server, Solaris, Tuxedo, WebLogic, Oracle Web Tier, RHEL, JBoss EAP by Red Hat, Slackware, Synology DSM, Synology DS***, Synology RS***, Ubuntu.
Severity: 2/4.
Consequences: data reading.
Provenance: internet client.
Creation date: 19/09/2017.
Identifiers: 2009782, bulletinjan2018, CERTFR-2017-AVI-336, cpujan2018, cpujan2019, CVE-2017-9798, DLA-1102-1, DSA-3980-1, FEDORA-2017-a52f252521, HT208331, HT208394, JSA10838, openSUSE-SU-2017:2549-1, openSUSE-SU-2018:1057-1, RHSA-2017:2882-01, RHSA-2017:2972-01, RHSA-2017:3018-01, RHSA-2017:3113-01, RHSA-2017:3114-01, RHSA-2017:3239-01, RHSA-2017:3240-01, SSA:2017-261-01, Synology-SA-17:56, USN-3425-1, USN-3425-2, VIGILANCE-VUL-23863.

Description of the vulnerability

When Apache httpd hosts an .htaccess file with the Limit option, an OPTIONS query can retrieve an extract of the service memory.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2017-9789

Apache httpd: use after free via mod_http2

Synthesis of the vulnerability

An attacker can force the usage of a freed memory area via mod_http2 of Apache httpd, in order to trigger a denial of service, and possibly to run code.
Impacted products: Apache httpd, Mac OS X, openSUSE Leap.
Severity: 3/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: internet client.
Creation date: 13/07/2017.
Identifiers: APPLE-SA-2017-09-25-1, CVE-2017-9789, HT208144, HT208221, openSUSE-SU-2018:0291-1, VIGILANCE-VUL-23250.

Description of the vulnerability

An attacker can force the usage of a freed memory area via mod_http2 of Apache httpd, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2017-9788

Apache httpd: information disclosure via mod_auth_digest

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via mod_auth_digest of Apache httpd, in order to obtain sensitive information.
Impacted products: Apache httpd, Mac OS X, Blue Coat CAS, Debian, Junos Space, openSUSE Leap, Solaris, VirtualBox, RHEL, JBoss EAP by Red Hat, Symantec Content Analysis, Ubuntu.
Severity: 3/4.
Consequences: data reading.
Provenance: internet client.
Creation date: 13/07/2017.
Identifiers: APPLE-SA-2017-09-25-1, bulletinjul2017, cpuoct2017, CVE-2017-9788, DLA-1028-1, DSA-3913-1, HT208144, HT208221, JSA10838, openSUSE-SU-2017:2016-1, RHSA-2017:2478-01, RHSA-2017:2479-01, RHSA-2017:2483-01, RHSA-2017:3113-01, RHSA-2017:3114-01, RHSA-2017:3193-01, RHSA-2017:3194-01, RHSA-2017:3195-01, RHSA-2017:3239-01, RHSA-2017:3240-01, SYMSA1457, USN-3370-1, USN-3370-2, VIGILANCE-VUL-23249.

Description of the vulnerability

An attacker can bypass access restrictions to data via mod_auth_digest of Apache httpd, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2017-7679

Apache httpd: out-of-bounds memory reading via mod_mime

Synthesis of the vulnerability

An attacker can force a read at an invalid address via mod_mime of Apache httpd, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: SES, Apache httpd, Mac OS X, Debian, NetWorker, BIG-IP Hardware, TMOS, Fedora, Junos Space, ePO, openSUSE Leap, Solaris, VirtualBox, RHEL, Slackware, Ubuntu.
Severity: 2/4.
Consequences: data reading, denial of service on service.
Provenance: internet client.
Creation date: 20/06/2017.
Identifiers: APPLE-SA-2017-09-25-1, bulletinjul2017, cpuoct2017, CVE-2017-7679, DLA-1009-1, DSA-3896-1, FEDORA-2017-9ded7c5670, FEDORA-2017-cf9599a306, HT208144, HT208221, JSA10838, K75429050, openSUSE-SU-2017:1803-1, RHSA-2017:2478-01, RHSA-2017:2479-01, RHSA-2017:2483-01, RHSA-2017:3193-01, RHSA-2017:3194-01, RHSA-2017:3195-01, SB10206, SSA:2017-180-03, STORM-2017-003, USN-3340-1, USN-3373-1, VIGILANCE-VUL-23004.

Description of the vulnerability

An attacker can force a read at an invalid address via mod_mime of Apache httpd, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2017-7668

Apache httpd: out-of-bounds memory reading via ap_find_token

Synthesis of the vulnerability

An attacker can force a read at an invalid address via ap_find_token() of Apache httpd, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: SES, Apache httpd, Mac OS X, Debian, Fedora, Junos Space, ePO, Solaris, VirtualBox, RHEL, Slackware, Ubuntu.
Severity: 2/4.
Consequences: data reading, denial of service on service.
Provenance: internet client.
Creation date: 20/06/2017.
Identifiers: APPLE-SA-2017-09-25-1, bulletinjul2017, CERTFR-2017-AVI-218, cpuoct2017, CVE-2017-7668, DLA-1009-1, DSA-3896-1, FEDORA-2017-9ded7c5670, FEDORA-2017-cf9599a306, HT208144, HT208221, JSA10838, RHSA-2017:2479-01, RHSA-2017:2483-01, RHSA-2017:3193-01, RHSA-2017:3194-01, SB10206, SSA:2017-180-03, STORM-2017-003, USN-3340-1, USN-3373-1, VIGILANCE-VUL-23003.

Description of the vulnerability

An attacker can force a read at an invalid address via ap_find_token() of Apache httpd, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2017-7659

Apache httpd 2.4: NULL pointer dereference via mod_http2

Synthesis of the vulnerability

An attacker can force a NULL pointer to be dereferenced via mod_http2 of Apache httpd, in order to trigger a denial of service.
Impacted products: Apache httpd, Mac OS X, Debian, Fedora, openSUSE Leap, Solaris, RHEL, Slackware.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: internet client.
Creation date: 20/06/2017.
Identifiers: APPLE-SA-2017-09-25-1, bulletinjul2017, CERTFR-2017-AVI-218, CVE-2017-7659, DLA-1009-1, DSA-3896-1, FEDORA-2017-9ded7c5670, FEDORA-2017-cf9599a306, HT208144, HT208221, openSUSE-SU-2018:0291-1, RHSA-2017:2483-01, SSA:2017-180-03, VIGILANCE-VUL-23002.

Description of the vulnerability

An attacker can force a NULL pointer to be dereferenced via mod_http2 of Apache httpd, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2017-3169

Apache httpd: NULL pointer dereference via mod_ssl

Synthesis of the vulnerability

An attacker can force a NULL pointer to be dereferenced via mod_ssl of Apache httpd, in order to trigger a denial of service.
Impacted products: SES, Apache httpd, Mac OS X, Debian, BIG-IP Hardware, TMOS, Fedora, Junos Space, ePO, openSUSE Leap, Solaris, VirtualBox, RHEL, Slackware, Ubuntu.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: internet client.
Creation date: 20/06/2017.
Identifiers: APPLE-SA-2017-09-25-1, bulletinjul2017, CERTFR-2017-AVI-218, cpuoct2017, CVE-2017-3169, DLA-1009-1, DSA-3896-1, FEDORA-2017-9ded7c5670, FEDORA-2017-cf9599a306, HT208144, HT208221, JSA10838, K83043359, openSUSE-SU-2017:1803-1, RHSA-2017:2478-01, RHSA-2017:2479-01, RHSA-2017:2483-01, RHSA-2017:3193-01, RHSA-2017:3194-01, RHSA-2017:3195-01, SB10206, SSA:2017-180-03, STORM-2017-003, USN-3340-1, USN-3373-1, VIGILANCE-VUL-23001.

Description of the vulnerability

An attacker can force a NULL pointer to be dereferenced via mod_ssl of Apache httpd, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2017-3167

Apache httpd: privilege escalation via ap_get_basic_auth_pw

Synthesis of the vulnerability

An attacker can bypass restrictions of a module developed with ap_get_basic_auth_pw() of Apache httpd, in order to escalate his privileges.
Impacted products: Apache httpd, Mac OS X, Debian, BIG-IP Hardware, TMOS, Fedora, Junos Space, openSUSE Leap, Solaris, VirtualBox, RHEL, Slackware, Ubuntu.
Severity: 2/4.
Consequences: privileged access/rights, user access/rights.
Provenance: internet client.
Creation date: 20/06/2017.
Identifiers: APPLE-SA-2017-09-25-1, bulletinjul2017, CERTFR-2017-AVI-218, cpuoct2017, CVE-2017-3167, DLA-1009-1, DSA-3896-1, FEDORA-2017-9ded7c5670, FEDORA-2017-cf9599a306, HT208144, HT208221, JSA10838, K34125394, openSUSE-SU-2017:1803-1, RHSA-2017:2478-01, RHSA-2017:2479-01, RHSA-2017:2483-01, RHSA-2017:3193-01, RHSA-2017:3194-01, RHSA-2017:3195-01, SSA:2017-180-03, USN-3340-1, USN-3373-1, VIGILANCE-VUL-23000.

Description of the vulnerability

An attacker can bypass restrictions of a module developed with ap_get_basic_auth_pw() of Apache httpd, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2016-0736 CVE-2016-2161 CVE-2016-8743

Apache httpd: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Apache httpd.
Impacted products: Apache httpd, Mac OS X, Debian, BIG-IP Hardware, TMOS, Fedora, HP-UX, Junos Space, openSUSE Leap, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, TrendMicro ServerProtect, Ubuntu.
Severity: 3/4.
Consequences: data reading, data creation/edition, denial of service on service.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 3.
Creation date: 21/12/2016.
Revision date: 22/12/2016.
Identifiers: 1117414, APPLE-SA-2017-09-25-1, CVE-2016-0736, CVE-2016-2161, CVE-2016-8743, DLA-841-1, DLA-841-2, DSA-3796-1, DSA-3796-2, FEDORA-2016-8d9b62c784, FEDORA-2016-d22f50d985, HPESBUX03725, HT207615, HT208144, HT208221, JSA10838, K00373024, openSUSE-SU-2017:0897-1, openSUSE-SU-2017:0903-1, openSUSE-SU-2018:2856-1, RHSA-2017:0906-01, RHSA-2017:1721-01, SSA:2016-358-01, SUSE-SU-2018:2554-1, SUSE-SU-2018:2815-1, USN-3279-1, USN-3373-1, VIGILANCE-VUL-21434.

Description of the vulnerability

Several vulnerabilities were announced in Apache httpd.

An attacker can tamper with encrypted session data, in order to get knowledge of the plain text value. [severity:1/4; CVE-2016-0736]

An attacker can trigger a fatal error in case of use of shared memory, in order to trigger a denial of service. [severity:2/4; CVE-2016-2161]

An attacker can make profit of syntax error recovery to tamper with HTTP responses headers and bodies. [severity:3/4; CVE-2016-8743]
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2016-8740

Apache httpd: denial of service via HTTP/2

Synthesis of the vulnerability

An attacker can generate an overload via the HTTP/2 experimental module of Apache httpd, in order to trigger a denial of service.
Impacted products: Apache httpd, Mac OS X, Fedora, HP-UX, openSUSE Leap, Slackware, TrendMicro ServerProtect.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: internet client.
Creation date: 05/12/2016.
Identifiers: 1117414, APPLE-SA-2017-09-25-1, CVE-2016-8740, FEDORA-2016-260d22944d, FEDORA-2016-b39fedec11, HPESBUX03725, HT207615, HT208144, HT208221, openSUSE-SU-2017:0297-1, SSA:2016-358-01, VIGILANCE-VUL-21263.

Description of the vulnerability

An attacker can generate an overload via the HTTP/2 experimental module of Apache httpd, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Apache httpd: