Lucene search

K
ubuntu
UbuntuUSN-3425-1
HistorySep 19, 2017 - 12:00 a.m.

Apache HTTP Server vulnerability

2017-09-1900:00:00
ubuntu.com
47

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

8 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.973 High

EPSS

Percentile

99.9%

Releases

  • Ubuntu 17.04
  • Ubuntu 16.04 ESM
  • Ubuntu 14.04 ESM

Packages

  • apache2 - Apache HTTP server

Details

Hanno Böck discovered that the Apache HTTP Server incorrectly handled
Limit directives in .htaccess files. In certain configurations, a remote
attacker could possibly use this issue to read arbitrary server memory,
including sensitive information. This issue is known as Optionsbleed.

Rows per page:
1-10 of 511
Use Vulners API to create your own security tool

API usage cases
  • Network scanning
  • Linux Patch management
  • Threat protection
  • No network audit solution

Ways of integration

Integrate Vulners API

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

8 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.973 High

EPSS

Percentile

99.9%

Related for USN-3425-1