vulnerability

Ubuntu: (Multiple Advisories) (CVE-2017-9798): Apache HTTP Server vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:P/I:N/A:N)	Sep 18, 2017	Sep 19, 2017	Aug 18, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

Sep 18, 2017

Added

Sep 19, 2017

Modified

Aug 18, 2025

Description

Hanno Böck discovered that the Apache HTTP Server incorrectly handled
Limit directives in .htaccess files. In certain configurations, a remote
attacker could possibly use this issue to read arbitrary server memory,
including sensitive information. This issue is known as Optionsbleed.

Solutions

ubuntu-upgrade-apache2-2-binubuntu-upgrade-apache2-bin

References

CVE-2017-9798
https://attackerkb.com/topics/CVE-2017-9798
CWE-416
DEBIAN-DSA-3980
NVD-CVE-2017-9798
UBUNTU-USN-3425-1
UBUNTU-USN-3425-2

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today