CVE ID:	CVE-2017-9798
Description:	Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.
Test IDs:	1.3.6.1.4.1.25623.1.0.112048   1.3.6.1.4.1.25623.1.1.10.2018.0009   1.3.6.1.4.1.25623.1.0.812045   1.3.6.1.4.1.25623.1.0.812035   1.3.6.1.4.1.25623.1.0.703980   1.3.6.1.4.1.25623.1.0.882791   1.3.6.1.4.1.25623.1.0.891102   1.3.6.1.4.1.25623.1.0.843313   1.3.6.1.4.1.25623.1.0.108252   1.3.6.1.4.1.25623.1.1.12.2017.3425.2   1.3.6.1.4.1.25623.1.0.873446   1.3.6.1.4.1.25623.1.1.13.2017.261.01   1.3.6.1.4.1.25623.1.1.4.2017.2542.1   1.3.6.1.4.1.25623.1.0.882784   1.3.6.1.4.1.25623.1.1.2.2017.1253   1.3.6.1.4.1.25623.1.1.2.2017.1252   1.3.6.1.4.1.25623.1.1.4.2017.2718.1
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2017-9798 BugTraq ID: 100872 http://www.securityfocus.com/bid/100872 BugTraq ID: 105598 http://www.securityfocus.com/bid/105598 Debian Security Information: DSA-3980 (Google Search) http://www.debian.org/security/2017/dsa-3980 https://www.exploit-db.com/exploits/42745/ https://security.gentoo.org/glsa/201710-32 http://openwall.com/lists/oss-security/2017/09/18/2 https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch https://github.com/apache/httpd/commit/4cc27823899e070268b906ca677ee838d07cf67a https://github.com/hannob/optionsbleed https://security-tracker.debian.org/tracker/CVE-2017-9798 https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d@%3Ccvs.httpd.apache.org%3E RedHat Security Advisories: RHSA-2017:2882 https://access.redhat.com/errata/RHSA-2017:2882 RedHat Security Advisories: RHSA-2017:2972 https://access.redhat.com/errata/RHSA-2017:2972 RedHat Security Advisories: RHSA-2017:3018 https://access.redhat.com/errata/RHSA-2017:3018 RedHat Security Advisories: RHSA-2017:3113 https://access.redhat.com/errata/RHSA-2017:3113 RedHat Security Advisories: RHSA-2017:3114 https://access.redhat.com/errata/RHSA-2017:3114 RedHat Security Advisories: RHSA-2017:3193 https://access.redhat.com/errata/RHSA-2017:3193 RedHat Security Advisories: RHSA-2017:3194 https://access.redhat.com/errata/RHSA-2017:3194 RedHat Security Advisories: RHSA-2017:3195 https://access.redhat.com/errata/RHSA-2017:3195 RedHat Security Advisories: RHSA-2017:3239 https://access.redhat.com/errata/RHSA-2017:3239 RedHat Security Advisories: RHSA-2017:3240 https://access.redhat.com/errata/RHSA-2017:3240 RedHat Security Advisories: RHSA-2017:3475 https://access.redhat.com/errata/RHSA-2017:3475 RedHat Security Advisories: RHSA-2017:3476 https://access.redhat.com/errata/RHSA-2017:3476 RedHat Security Advisories: RHSA-2017:3477 https://access.redhat.com/errata/RHSA-2017:3477 http://www.securitytracker.com/id/1039387