High severity (CVSS 7.5) · NVD Advisory · Published Sep 18, 2017 · Updated May 13, 2026
CVE-2017-9798
Description
Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.
Affected products
cpe:2.3:a:apache:http_server (23 entries)
- cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* (range: <=2.2.34)
- cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux (3 entries)
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- Apache Software Foundation / Apache HTTP Server (CVE v5 record), range: Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27
Patches
No patches discovered yet (0).
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
References (55)
- www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html (nvd: Patch, Third Party Advisory)
- www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html (nvd: Patch, Third Party Advisory)
- www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html (nvd: Patch, Third Party Advisory)
- www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html (nvd: Patch, Third Party Advisory)
- github.com/apache/httpd/commit/4cc27823899e070268b906ca677ee838d07cf67a (nvd: Patch, Vendor Advisory)
- www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html (nvd: Patch, Third Party Advisory)
- www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html (nvd: Patch, Third Party Advisory)
- blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html (nvd: Exploit, Patch, Technical Description, Third Party Advisory)
- blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch (nvd: Exploit, Patch, Technical Description, Third Party Advisory)
- www.exploit-db.com/exploits/42745/ (nvd: Exploit, Third Party Advisory, VDB Entry)
- www.debian.org/security/2017/dsa-3980 (nvd: Third Party Advisory)
- www.securityfocus.com/bid/100872 (nvd: Third Party Advisory, VDB Entry)
- www.securityfocus.com/bid/105598 (nvd: Third Party Advisory, VDB Entry)
- www.securitytracker.com/id/1039387 (nvd: Third Party Advisory, VDB Entry)
- access.redhat.com/errata/RHSA-2017:2882 (nvd: Third Party Advisory)
- access.redhat.com/errata/RHSA-2017:2972 (nvd: Third Party Advisory)
- access.redhat.com/errata/RHSA-2017:3018 (nvd: Third Party Advisory)
- access.redhat.com/errata/RHSA-2017:3113 (nvd: Third Party Advisory)
- access.redhat.com/errata/RHSA-2017:3114 (nvd: Third Party Advisory)
- access.redhat.com/errata/RHSA-2017:3193 (nvd: Third Party Advisory)
- access.redhat.com/errata/RHSA-2017:3194 (nvd: Third Party Advisory)
- access.redhat.com/errata/RHSA-2017:3195 (nvd: Third Party Advisory)
- access.redhat.com/errata/RHSA-2017:3239 (nvd: Third Party Advisory)
- access.redhat.com/errata/RHSA-2017:3240 (nvd: Third Party Advisory)
- access.redhat.com/errata/RHSA-2017:3475 (nvd: Third Party Advisory)
- access.redhat.com/errata/RHSA-2017:3476 (nvd: Third Party Advisory)
- access.redhat.com/errata/RHSA-2017:3477 (nvd: Third Party Advisory)
- httpd.apache.org/security/vulnerabilities_24.html (nvd: Vendor Advisory)
- security-tracker.debian.org/tracker/CVE-2017-9798 (nvd: Third Party Advisory)
- security.gentoo.org/glsa/201710-32 (nvd: Third Party Advisory)
- security.netapp.com/advisory/ntap-20180601-0003/ (nvd: Third Party Advisory)
- support.apple.com/HT208331 (nvd: Third Party Advisory)
- support.hpe.com/hpsc/doc/public/display (nvd: Third Party Advisory)
- svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c (nvd: Vendor Advisory)
- www.tenable.com/security/tns-2019-09 (nvd: Third Party Advisory)
- openwall.com/lists/oss-security/2017/09/18/2 (nvd: Mailing List, VDB Entry)
- seclists.org/fulldisclosure/2024/Sep/22 (nvd)
- lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E (nvd)
- lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E (nvd)
News mentions
No linked articles in our index yet (0).