7.5
CVSSv2

CVE-2017-3169

Published: 20/06/2017 Updated: 07/11/2023
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 672
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

In Apache httpd 2.2.x prior to 2.2.33 and 2.4.x prior to 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apache http server 2.2.23

apache http server 2.4.1

apache http server 2.4.20

apache http server 2.2.11

apache http server 2.2.0

apache http server 2.2.31

apache http server 2.2.13

apache http server 2.2.2

apache http server 2.4.12

apache http server 2.2.17

apache http server 2.2.16

apache http server 2.2.21

apache http server 2.4.23

apache http server 2.4.10

apache http server 2.2.14

apache http server 2.2.24

apache http server 2.2.25

apache http server 2.2.30

apache http server 2.2.22

apache http server 2.2.19

apache http server 2.2.27

apache http server 2.4.25

apache http server 2.4.18

apache http server 2.2.18

apache http server 2.2.12

apache http server 2.2.32

apache http server 2.2.29

apache http server 2.2.3

apache http server 2.4.2

apache http server 2.2.15

apache http server 2.2.20

apache http server 2.4.17

apache http server 2.4.16

apache http server 2.2.26

Vendor Advisories

Synopsis Important: httpd security update Type/Severity Security Advisory: Important Topic An update for httpd is now available for Red Hat Enterprise Linux 67 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring Sys ...
Synopsis Important: Red Hat JBoss Core Services Apache HTTP Server 2423 security update Type/Severity Security Advisory: Important Topic An update is now available for JBoss Core Services on RHEL 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabi ...
Synopsis Important: Red Hat JBoss Core Services Apache HTTP Server 2423 security update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat JBoss Core ServicesRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...
Synopsis Important: Red Hat JBoss Core Services Apache HTTP Server 2423 security update Type/Severity Security Advisory: Important Topic An update is now available for JBoss Core Services on RHEL 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabi ...
Synopsis Important: httpd security update Type/Severity Security Advisory: Important Topic An update for httpd is now available for Red Hat Enterprise Linux 72 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring Sys ...
Synopsis Important: httpd security update Type/Severity Security Advisory: Important Topic An update for httpd is now available for Red Hat Enterprise Linux 73 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring Sys ...
A NULL pointer dereference flaw was found in the httpd's mod_ssl module A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request ...
A NULL-pointer dereference leading to denial of service has been found in the mod_ssl component of Apache httpd < 2426 mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port ...
Several security issues were fixed in Apache HTTP Server ...
Several security issues were fixed in Apache HTTP Server ...
Several vulnerabilities have been found in the Apache HTTPD server CVE-2017-3167 Emmanuel Dreyfus reported that the use of ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed CVE-2017-3169 Vasileios Panopoulos of AdNovum Informatik AG discovered ...
A NULL pointer dereference flaw was found in the httpd's mod_ssl module A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request (CVE-2017-3169) It was discovered that the use of httpd's ap_get_basic_auth_pw() API function ...
ap_find_token() buffer overread:A buffer over-read flaw was found in the httpd's ap_find_token() function A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request (CVE-2017-7668 ) Apache HTTP Request Parsing Whitespace Defects:It was discovered that the HTTP parser in httpd incorrectly allow ...
Tenablesc leverages third-party software to help provide underlying functionality Three separate third-party components (OpenSSL, Apache HTTP Server, SimpleSAMLphp) were found to contain vulnerabilities, and updated versions have been made available by the providers Out of caution and in line with good practice, Tenable opted to upgrade the bun ...

Github Repositories

final project offensive report

offensive final project offensive report Red Team: Summary of Operations Table of Contents Exposed Services Critical Vulnerabilities Exploitation Exposed Services TODO: Fill out the information below Nmap scan results for each machine reveal the below services and OS details: $ nmap nmap -sC -sV --reason -p 22,80,139,445 1921681110

GyoiThon is a growing penetration test tool using Machine Learning.

GyoiThon: Next generation penetration test tool Japanese page is here Presentation January 25th,2018:JANOG41 March 23th,2018:Black Hat ASIA 2018 Arsenal August 12th,2018:DEFCON26 DemoLabs October 24th,2018:OWS in CSS2018 November 3rd,2018:AV TOKYO 2018 HIVE December 22-23th,2018:SECCON YOROZU 2018 March 28th,2019:Black Hat ASIA 2019 Arsenal Documents Installation Usage T

With added support for OWASP broken websites testing, Also reports are generated.

GyoiThon: Next generation penetration test tool Check reports on click here Overview GyoiThon is Intelligence Gathering tool for Web Server GyoiThon execute remote access to target Web server and identifies product operated on the server such as CMS, Web server software, Framework, Programming Language etc, And, it can execute exploit modules to identified products using Meta

nrich A command-line tool to quickly analyze all IPs in a file and see which ones have open ports/ vulnerabilities Can also be fed data from stdin to be used in a data pipeline nrich fetches information via the InternetDB API and the vulnerability assessment technique is documented in the help center Installation Grab the latest release for your operating system For e

A command-line tool to quickly analyze all IPs in a file and see which ones have open ports/ vulnerabilities. Can also be fed data from stdin to be used in a data pipeline.

nrich A command-line tool to quickly analyze all IPs in a file and see which ones have open ports/ vulnerabilities Can also be fed data from stdin to be used in a data pipeline nrich fetches information via the InternetDB API and the vulnerability assessment technique is documented in the help center Installation Grab the latest release for your operating system For e

DC-3 is another purposely built vulnerable lab with the intent of gaining experience in the world of penetration testing. As with the previous DC releases, this one is designed with beginners in mind, although this time around, there is only one flag, one entry point and no clues at all.

DC 3: Vulnhub Walkthrough DESCRIPTION: DC-3 is another purposely built vulnerable lab with the intent of gaining experience in the world of penetration testing As with the previous DC releases, this one is designed with beginners in mind, although this time around, there is only one flag, one entry point and no clues at all Linux skills and familiarity with the Linux command

DC-1 is a purposely built vulnerable lab for the purpose of gaining experience in the world of penetration testing. It was designed to be a challenge for beginners, but just how easy it is will depend on your skills and knowledge, and your ability to learn.

DC 1: Vulnhub Walkthrough DESCRIPTION: DC-1 is a purposely built vulnerable lab for the purpose of gaining experience in the world of penetration testing It was designed to be a challenge for beginners, but just how easy it is will depend on your skills and knowledge, and your ability to learn To successfully complete this challenge, you will require Linux skills, familiarity

DC-2 is a purposely built vulnerable lab for the purpose of gaining experience in the world of penetration testing. It was designed to be a challenge for beginners, but just how easy it is will depend on your skills and knowledge, and your ability to learn. To successfully complete this challenge, you will require Linux skills, familiarity with …

DC-2: Vulnhub Walkthrough Description: DC-2 is a purposely built vulnerable lab for the purpose of gaining experience in the world of penetration testing It was designed to be a challenge for beginners, but just how easy it is will depend on your skills and knowledge, and your ability to learn To successfully complete this challenge, you will require Linux skills, familiarity

Fast IP Lookups for Open Ports and Vulnerabilities

internetdb Fast IP Lookups for Open Ports and Vulnerabilities Description Shodan shodanio/ scans the internet for hosts and services and maintains a few APIs into that data One API is the InternetDB internetdbshodanio/, which allows for free querying of open ports and vulnerabilities Tools are provided to query this servce What’s Inside The Tin The f

A python tool to quickly analyze all IPs and see which ones have open ports and vulnerabilities

Strike A python tool to quickly analyze all IPs and see which ones have open ports and vulnerabilities Installation apt-get install python3 git clone githubcom/SecureAxom/strike cd strike pip3 install -r requirementstxt python3 strikepy Usages python3 strikepy -h python3 strikepy -t 20891

Pigat:一款被动信息收集聚合工具 🚀 前言 Pigat(Passive Intelligence Gathering Aggregation Tool)被动信息收集聚合工具,该工具通过爬取目标URL在第三方网站比如备案查询网站、子域名查询网站的结果来对目标进行被动信息收集。 开发此工具的初衷就是平时在使用一些第三方的网站进行目标信息

Skynet Nmap: Sprawdzam co mogę znaleść za pomocą narzędzia nmap Nmap pokazuje mi otwarte porty i dostępne usługi ─$ sudo nmap -Pn -A -sV --script=default,vuln -p- --open -oA Skynet_nmap 10103727 [sudo] password for kali: Starting Nmap 794 ( nmaporg ) at 2023-06-29 03:53 EDT Nmap scan report for 10103727 Host is up (0081s latency) Not shown: 65529

Shodan search tool with api

Shodan Search Script Shodan script for easy search on Shodan First by first you need CHANGE API KEY, with your API key in code Usage; python3 shodanScriptpy -f dorkListtxt python3 shodanScriptpy -k "net:'21021400/16'" python3 shodanScriptpy -k "httptitle:'ID_VC_Welcome' country:'tr'"

This is a boot2root VM and is a continuation of the Basic Pentesting series. This series is designed to help newcomers to penetration testing develop pentesting skills and have fun exploring part of the offensive side of security. VirtualBox is the recommended platform for this challenge (though it should also work with VMware -- however, I have…

Basic-Pentesting-2 DESCRIPTION: This is a boot2root VM and is a continuation of the Basic Pentesting series This series is designed to help newcomers to penetration testing develop pentesting skills and have fun exploring part of the offensive side of security VirtualBox is the recommended platform for this challenge (though it should also work with VMware -- however, I have

This is a boot2root VM and is a continuation of the Basic Pentesting series. This series is designed to help newcomers to penetration testing develop pentesting skills and have fun exploring part of the offensive side of security. VirtualBox is the recommended platform for this challenge (though it should also work with VMware -- however, I have…

Basic-Pentesting-2 DESCRIPTION: This is a boot2root VM and is a continuation of the Basic Pentesting series This series is designed to help newcomers to penetration testing develop pentesting skills and have fun exploring part of the offensive side of security VirtualBox is the recommended platform for this challenge (though it should also work with VMware -- however, I have

References

CWE-476http://www.securityfocus.com/bid/99134http://www.securitytracker.com/id/1038711https://www.nomachine.com/SU08O00185http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.htmlhttps://security.gentoo.org/glsa/201710-32http://www.debian.org/security/2017/dsa-3896https://support.apple.com/HT208221https://access.redhat.com/errata/RHSA-2017:3195https://access.redhat.com/errata/RHSA-2017:3194https://www.tenable.com/security/tns-2019-09https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03908en_ushttps://security.netapp.com/advisory/ntap-20180601-0002/https://github.com/gottburgm/Exploits/tree/master/CVE-2017-3169https://access.redhat.com/errata/RHSA-2017:2478https://access.redhat.com/errata/RHSA-2017:2479https://access.redhat.com/errata/RHSA-2017:2483https://access.redhat.com/errata/RHSA-2017:3475https://access.redhat.com/errata/RHSA-2017:3476https://access.redhat.com/errata/RHSA-2017:3477https://access.redhat.com/errata/RHSA-2017:3193https://lists.apache.org/thread.html/84bf7fcc5cad35d355f11839cbdd13cbc5ffc1d34675090bff0f96ae%40%3Cdev.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3Ehttps://nvd.nist.govhttps://access.redhat.com/errata/RHSA-2017:3195https://github.com/AwMowl/offensivehttps://access.redhat.com/security/cve/cve-2017-3169https://usn.ubuntu.com/3340-1/