Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Red Hat Local Security Checks
Title:RedHat Update for httpd RHSA-2017:2972-01
Summary:The remote host is missing an update for the 'httpd'; package(s) announced via the referenced advisory.
The remote host is missing an update for the 'httpd'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The httpd packages provide the Apache HTTP
Server, a powerful, efficient, and extensible web server.

Security Fix(es):

* A use-after-free flaw was found in the way httpd handled invalid and
previously unregistered HTTP methods specified in the Limit directive used
in an .htaccess file. A remote attacker could possibly use this flaw to
disclose portions of the server memory, or cause httpd child process to
crash. (CVE-2017-9798)

* A regression was found in the Red Hat Enterprise Linux 6.9 version of
httpd, causing comments in the 'Allow' and 'Deny' configuration lines to be
parsed incorrectly. A web administrator could unintentionally allow any
client to access a restricted HTTP resource. (CVE-2017-12171)

Red Hat would like to thank Hanno Bck for reporting CVE-2017-9798 and
KAWAHARA Masashi for reporting CVE-2017-12171.

Affected Software/OS:
httpd on
Red Hat Enterprise Linux Desktop (v. 6),
Red Hat Enterprise Linux Server (v. 6),
Red Hat Enterprise Linux Workstation (v. 6)

Please Install the Updated Packages.

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2017-9798
BugTraq ID: 100872
BugTraq ID: 105598
Debian Security Information: DSA-3980 (Google Search)
RedHat Security Advisories: RHSA-2017:2882
RedHat Security Advisories: RHSA-2017:2972
RedHat Security Advisories: RHSA-2017:3018
RedHat Security Advisories: RHSA-2017:3113
RedHat Security Advisories: RHSA-2017:3114
RedHat Security Advisories: RHSA-2017:3193
RedHat Security Advisories: RHSA-2017:3194
RedHat Security Advisories: RHSA-2017:3195
RedHat Security Advisories: RHSA-2017:3239
RedHat Security Advisories: RHSA-2017:3240
RedHat Security Advisories: RHSA-2017:3475
RedHat Security Advisories: RHSA-2017:3476
RedHat Security Advisories: RHSA-2017:3477
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.