Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2017-7668

Published: 20/06/2017 Updated: 07/11/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 447
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Apache

Vulnerability Summary

The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apache http server 2.4.25

apache http server 2.2.32

apache http server 2.4.24

netapp storagegrid -

netapp clustered data ontap -

netapp oncommand unified manager -

redhat enterprise linux desktop 7.0

redhat enterprise linux server aus 7.2

redhat enterprise linux workstation 7.0

redhat enterprise linux server tus 7.2

redhat enterprise linux server 7.0

redhat enterprise linux server tus 7.3

redhat enterprise linux server aus 7.3

redhat enterprise linux server aus 7.4

redhat enterprise linux server tus 7.4

redhat enterprise linux eus 7.3

redhat enterprise linux eus 7.4

redhat enterprise linux eus 7.5

redhat enterprise linux server tus 7.6

redhat enterprise linux server aus 7.6

redhat enterprise linux eus 7.6

redhat enterprise linux eus 7.2

redhat enterprise linux server aus 7.7

redhat enterprise linux server tus 7.7

redhat enterprise linux eus 7.7

debian debian linux 8.0

debian debian linux 9.0

oracle secure global desktop 5.3

apple mac os x

apple mac os x 10.11.6

apple mac os x 10.12.6

Vendor Advisories

Red Hat: Important: httpd security update
Synopsis Important: httpd security update Type/Severity Security Advisory: Important Topic An update for httpd is now available for Red Hat Enterprise Linux 72 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring Sys ...
Red Hat: Important: httpd security update
Synopsis Important: httpd security update Type/Severity Security Advisory: Important Topic An update for httpd is now available for Red Hat Enterprise Linux 73 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring Sys ...
Debian Security Advisories: DSA-3896-1 apache2 -- security update
Several vulnerabilities have been found in the Apache HTTPD server CVE-2017-3167 Emmanuel Dreyfus reported that the use of ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed CVE-2017-3169 Vasileios Panopoulos of AdNovum Informatik AG discovered ...
Ubuntu Security Notice: apache2 vulnerabilities
Several security issues were fixed in Apache HTTP Server ...
Ubuntu Security Notice: apache2 vulnerabilities
Several security issues were fixed in Apache HTTP Server ...
Amazon Linux AMI: ALAS-2017-863
ap_find_token() buffer overread:A buffer over-read flaw was found in the httpd's ap_find_token() function A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request (CVE-2017-7668 ) Apache HTTP Request Parsing Whitespace Defects:It was discovered that the HTTP parser in httpd incorrectly allow ...
Red Hat: CVE-2017-7668
A buffer over-read flaw was found in the httpd's ap_find_token() function A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request ...
Arch Linux Issues:
An out-of-bounds read has been found in Apache httpd < 2426 The HTTP strict parsing changes added in 2232 and 2424 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or ...
Tenable Security Advisories: [R1] Tenable.sc 5.13.0 Fixes Multiple Third-Party Vulnerabilities
Tenablesc leverages third-party software to help provide underlying functionality Three separate third-party components (OpenSSL, Apache HTTP Server, SimpleSAMLphp) were found to contain vulnerabilities, and updated versions have been made available by the providers Out of caution and in line with good practice, Tenable opted to upgrade the bun ...

Github Repositories

https://github.com/sergey-pronin/Awesome-Vulnerability-Research

🦄 A curated list of the awesome resources about the Vulnerability Research

Awesome Vulnerability Research 🦄 A curated list of the awesome resources about the Vulnerability Research First things first: There are no exploits in this project Vulnerabilities != Exploits A Vulnerability resides in the software itself, doing nothing on its own If you are really curious about then you’ll find your own way to discover a flow, this list aimed to h

https://github.com/AwMowl/offensive

final project offensive report

offensive final project offensive report Red Team: Summary of Operations Table of Contents Exposed Services Critical Vulnerabilities Exploitation Exposed Services TODO: Fill out the information below Nmap scan results for each machine reveal the below services and OS details: $ nmap nmap -sC -sV --reason -p 22,80,139,445 1921681110

https://github.com/ducducuc111/Awesome-Vulnerability-Research

Awesome Vulnerability Research 🦄 A curated list of the awesome resources about the Vulnerability Research First things first: There are no exploits in this project Vulnerabilities != Exploits A Vulnerability resides in the software itself, doing nothing on its own If you are really curious about then you’ll find your own way to discover a flow, this list aimed to h

https://github.com/securitychampions/Awesome-Vulnerability-Research

🦄 A curated list of the awesome resources about the Vulnerability Research

Awesome Vulnerability Research 🦄 A curated list of the awesome resources about the Vulnerability Research First things first: There are no exploits in this project Vulnerabilities != Exploits A Vulnerability resides in the software itself, doing nothing on its own If you are really curious about then you’ll find your own way to discover a flow, this list aimed to h

https://github.com/gyoisamurai/GyoiThon

GyoiThon is a growing penetration test tool using Machine Learning.

GyoiThon: Next generation penetration test tool Japanese page is here Presentation January 25th,2018:JANOG41 March 23th,2018:Black Hat ASIA 2018 Arsenal August 12th,2018:DEFCON26 DemoLabs October 24th,2018:OWS in CSS2018 November 3rd,2018:AV TOKYO 2018 HIVE December 22-23th,2018:SECCON YOROZU 2018 March 28th,2019:Black Hat ASIA 2019 Arsenal Documents Installation Usage T

https://github.com/malicious0x01/Awesome-Vulnerability-Research

🦄 A curated list of the awesome resources about the Vulnerability Research

Awesome Vulnerability Research 🦄 A curated list of the awesome resources about the Vulnerability Research First things first: There are no exploits in this project Vulnerabilities != Exploits A Vulnerability resides in the software itself, doing nothing on its own If you are really curious about then you’ll find your own way to discover a flow, this list aimed to h

https://github.com/sanand34/Gyoithon-Updated-Ubuntu

With added support for OWASP broken websites testing, Also reports are generated.

GyoiThon: Next generation penetration test tool Check reports on click here Overview GyoiThon is Intelligence Gathering tool for Web Server GyoiThon execute remote access to target Web server and identifies product operated on the server such as CMS, Web server software, Framework, Programming Language etc, And, it can execute exploit modules to identified products using Meta

https://github.com/Mehedi-Babu/Vulnerability_research

Awesome Vulnerability Research 🦄 A curated list of the awesome resources about the Vulnerability Research First things first: There are no exploits in this project Vulnerabilities != Exploits A Vulnerability resides in the software itself, doing nothing on its own If you are really curious about then you’ll find your own way to discover a flow, this list aimed to h

Recent Articles

SAP's Business Client can own entire apps, DDOS them into dust
The Register • Richard Chirgwin • 11 Apr 2018

And that's the worst of ten patches awaiting lucky, lucky SAP admins

SAP has issued its April security update, which brings a waiting world news of ten patch-worthy problems. The nastiest has a CVSS rating of 9.8 and impacts SAP's Business Client, the desktop tool to access much of its wares. Details of the problem are behind a registration wall, but according to ERP Scan, the vulnerability is a memory corruption bug that allows an attacker to inject crafted code into working memory. The outcome can be "complete control” over the application, denial of service,...

Read more...

References

CWE-125http://www.securityfocus.com/bid/99137http://www.securitytracker.com/id/1038711http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.htmlhttps://security.gentoo.org/glsa/201710-32http://www.debian.org/security/2017/dsa-3896https://support.apple.com/HT208221https://access.redhat.com/errata/RHSA-2017:3194https://access.redhat.com/errata/RHSA-2017:3193https://access.redhat.com/errata/RHSA-2017:2483https://access.redhat.com/errata/RHSA-2017:2479https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03821en_ushttps://security.netapp.com/advisory/ntap-20180601-0002/https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03908en_ushttps://www.tenable.com/security/tns-2019-09https://lists.apache.org/thread.html/55a068b6a5eec0b3198ae7d96a7cb412352d0ffa7716612c5af3745b%40%3Cdev.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3Ehttps://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3Ehttps://access.redhat.com/errata/RHSA-2017:3193https://nvd.nist.govhttps://usn.ubuntu.com/3340-1/https://www.debian.org/security/./dsa-3896
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook