Skip to main content

Apache Optionsbleed Vulnerability

A vulnerability within the widely used Apache Web Server has been discovered. The bug designated CVE-2017-9798 has been called "Optionsbleed", due its similarity to the deadly vulnerability Heartbleed and Ticketbleed. The vulnerability causes servers to leak pieces of arbitrary memory in a way that could expose passwords or other sensitive information within data being transmitted during a session. The risk is most pressing in shared hosting environments and only if the software is running a certain configuration.
Threat ID:
CC-1659
Category:
Spyware
Threat Severity:
Medium
Threat Vector:
Exploit
Published:
22 September 2017 12:00 AM
Report a cyber attack: call 0300 303 5222 or email [email protected]

This content has been archived

This article no longer conforms to NHS Digital's standards for cyber alerts, and may contain outdated or inaccurate information. Use of this information contained in this page is at your own risk

Summary

A vulnerability within the widely used Apache Web Server has been discovered. The bug designated CVE-2017-9798 has been called "Optionsbleed", due its similarity to the deadly vulnerability Heartbleed and Ticketbleed. The vulnerability causes servers to leak pieces of arbitrary memory in a way that could expose passwords or other sensitive information within data being transmitted during a session. The risk is most pressing in shared hosting environments and only if the software is running a certain configuration.

Threat details

Optionsbleed leaks smaller chunks of memory compared to Heartbleed, making it much more difficult for an attacker to obtain sensitive information.

The vulnerability is a Use After Free (UAF) type, which is a class of memory corruption bug that has been very successful in browser exploitation. The leaked memory chunks change after multiple requests. A vulnerable host can be attacked any number of times with each time returning a different memory chunk.

The vulnerability can be triggered on an Apache Web Server hosting multiple websites on or on any Apache Web Server if there is no authentication access put in place for the .htaccess file.

Remediation steps

Type Step
• Ensure that the security patch is applied as the earlier possible opportunity.
• Consider looking at historic for high usage of the Options Request that may indicate prior exploitation.

CVE Vulnerabilities

Status

CVE-2017-9798

Last edited: 17 February 2020 11:26 am