Apache – CVE-2017-7668

Description

Kayran has detected that the Version of Apache HTTP Server being used has a ap_find_token() Buffer Overread.

CVE-2017-7668 is categorized as an ‘Out-of-bounds Read’ vulnerability (CWE-125).
That means that the software reads data past the end, or before the beginning, of the intended buffer.

The HTTP strict parsing changes added in your version of Apache introduced a bug in token list parsing. That bug allows ap_find_token() to search past the end of its input string.
By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to force ap_find_token() to return a wrong value.

There’s a chance that it will cause a decrease in performance and also for interruptions in the availability of resources.
This could also allow attackers to read sensitive information from other memory locations or cause a crash.

Recommendation

To fix CVE-2017-7668, upgrade the version of Apache HTTP Server being used to either 2.2.34 or 2.4.26.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668

https://cwe.mitre.org/data/definitions/125.html

< Return to all Vulnerabilities

Servers 101

Let’s have a “quick” Servers 101 Course. Courtesy of Kayran! If you’ve been on the internet for over an hour, you probably already heard of

Read More »

Man-In-The-Middle Attacks

Do you know these people who just push themselves into conversations?That’s Man-In-The-Middle Attacks. And from a wider angle, Man-In-The-Middle Attacks, or MITM, are built around

Read More »