yum update httpd | CVE-2017-9798

If this is your first visit, be sure to check out the FAQ by clicking the link (Sorry, coming soon!). You may have to register before you can post: click the register link to proceed.

To start viewing and posting messages, select the forum that you want to visit from the selection below.  Welcome to the forums!

1 post / 0 new

yum update httpd | CVE-2017-9798

Running Apache httpd Server?  It's time to update: Now.

CVE-2017-9798 Apache httpd memory leak

Okay, so I'm a huge fan of RHEL based options, so I would type

sudo yum update httpd -y && sudo service httpd restart

IMMEDIATELY after logging into each and every one of my web servers running Apache.  The reason for this is quite simple, another hit to Apache at the same time as Struts got hit.  There is a new disclosed exploit that leaks Apache's web server memory, which in turn could allow someone to potentially see sensitive data.  While normally one uses GET and POST methods with the HTTP protocol, another method includes OPTIONS, which is how this exploit works.  Per the CVE:

Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.

- CVE-2017-9798

Click the CVE for more details.

Debian Based:

sudo apt-get update httpd && sudo /etc/init.d/apache2 restart

OpenSuse would use YaST:

yast

With YaST, follow YOU guidelines here.

Arch Linux here:

pacman -Syu

In Windows, this Batch will do the trick, but please adapt to your needs

PAUSE 
REM That's my web software directory 
CD C:\WebForce 
NET STOP Apache24 
TASKKILL /IM php-cgi.exe /F 
TASKKILL /IM php.exe /F 
TASKKILL /IM httpd.exe /F 
REM configuration, extra modules, etc. 
XCOPY Apache24\conf Apache24_new\conf /e /i /h 
COPY Apache24\modules\mod_evasive2.so Apache24_new\modules 
COPY Apache24\modules\mod_limitipconn.so Apache24_new\modules 
COPY Apache24\modules\mod_fcgid.so Apache24_new\modules 
COPY Apache24\modules\mod_log_rotate.so Apache24_new\modules 
REM Logs directory tree 
XCOPY Apache24\logs Apache24_new\logs /t 
REN Apache24 Apache24_old 
REN Apache24_new Apache24 
NET START Apache24
PAUSE

So any thoughts on this?

Recent Posts

Video Marketing for Business: Here is what the experts are saying If you are an entrepreneur in this era, you... Read more
Brand Yourself for Web Marketing It's time to talk about the feature that will set you apart from your competition... Read more
Time to Make your Presence on the Web Felt: How Much you Should invest? You know what you want to... Read more

Need Support?


Every video, every website, every chatbot, every client - 100% custom products and solutions to make your business run successfully

145 Pine Haven Shores Road #1205 Shelburne, VT

Recent Tweets

  • This needs to end... Senseless violence all for what? https://t.co/mNMP0uMnJN 2 weeks 1 hour ago
  • RT : My warmest condolences and sympathies to the victims and families of the terrible Las Vegas shooting. God bless you! 2 weeks 1 hour ago
  • RT : Michelle & I are praying for the victims in Las Vegas. Our thoughts are with their families & everyone enduring another senseless tragedy. 2 weeks 1 hour ago
  • RT : Las Vegas update: - At least 400 wounded taken to hospitals, per police - Gunman found dead in hotel room https://t.co/5EOndn2tkj 2 weeks 1 hour ago
  • RT : Keep us in your thoughts - its a very difficult and tragic evening for a lot of people ,… https://t.co/mf7x29rD9Y 2 weeks 1 hour ago

Socialize with us

               


Go to top