yum update httpd | CVE-2017-9798

If this is your first visit, be sure to check out the FAQ by clicking the link (Sorry, coming soon!). You may have to register before you can post: click the register link to proceed.

To start viewing and posting messages, select the forum that you want to visit from the selection below.  Welcome to the forums!

1 post / 0 new

yum update httpd | CVE-2017-9798

Running Apache httpd Server?  It's time to update: Now.

CVE-2017-9798 Apache httpd memory leak

Okay, so I'm a huge fan of RHEL based options, so I would type

sudo yum update httpd -y && sudo service httpd restart

IMMEDIATELY after logging into each and every one of my web servers running Apache.  The reason for this is quite simple, another hit to Apache at the same time as Struts got hit.  There is a new disclosed exploit that leaks Apache's web server memory, which in turn could allow someone to potentially see sensitive data.  While normally one uses GET and POST methods with the HTTP protocol, another method includes OPTIONS, which is how this exploit works.  Per the CVE:

Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.

- CVE-2017-9798

Click the CVE for more details.

Debian Based:

sudo apt-get update httpd && sudo /etc/init.d/apache2 restart

OpenSuse would use YaST:


With YaST, follow YOU guidelines here.

Arch Linux here:

pacman -Syu

In Windows, this Batch will do the trick, but please adapt to your needs

REM That's my web software directory 
CD C:\WebForce 
NET STOP Apache24 
TASKKILL /IM php-cgi.exe /F 
TASKKILL /IM php.exe /F 
TASKKILL /IM httpd.exe /F 
REM configuration, extra modules, etc. 
XCOPY Apache24\conf Apache24_new\conf /e /i /h 
COPY Apache24\modules\mod_evasive2.so Apache24_new\modules 
COPY Apache24\modules\mod_limitipconn.so Apache24_new\modules 
COPY Apache24\modules\mod_fcgid.so Apache24_new\modules 
COPY Apache24\modules\mod_log_rotate.so Apache24_new\modules 
REM Logs directory tree 
XCOPY Apache24\logs Apache24_new\logs /t 
REN Apache24 Apache24_old 
REN Apache24_new Apache24 
NET START Apache24

So any thoughts on this?

Recent Posts

Have you ever wanted to disable offloading of all your Xen DomU's? How about doing it without having to think... Read more
Video Website Themes It is essential to know how big the video market is. You have a well-operating platform with... Read more
How to create a marketing video that will stand above the rest The business world seems to be advancing every... Read more

Need Support?

Every video, every website, every chatbot, every client - 100% custom products and solutions to make your business run successfully

145 Pine Haven Shores Road #1205 Shelburne, VT

Socialize with us


Go to top