CVE-2017-7668 — HIGH (7.5) — White Hats Nepal

Q: How severe is CVE-2017-7668?

CVE-2017-7668 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2017-7668?

Check the references section above for vendor advisories and patch information. Affected products include: Apache Http Server, Netapp Clustered Data Ontap, Netapp Oncommand Unified Manager, Netapp Storagegrid, Redhat Enterprise Linux Desktop.

Vulnerability Description

The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Apache	Http Server	2.2.32
Netapp	Clustered Data Ontap	-
Netapp	Oncommand Unified Manager	-
Netapp	Storagegrid	-
Redhat	Enterprise Linux Desktop	7.0
Redhat	Enterprise Linux Eus	7.2
Redhat	Enterprise Linux Server	7.0
Redhat	Enterprise Linux Server Aus	7.2
Redhat	Enterprise Linux Server Tus	7.2
Redhat	Enterprise Linux Workstation	7.0
Debian	Debian Linux	8.0
Oracle	Secure Global Desktop	5.3
Apple	Mac Os X	< 10.13.1

Related Weaknesses (CWE)

CWE-126 CWE-125

References

http://www.debian.org/security/2017/dsa-3896Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.htmlPatchThird Party Advisory
http://www.securityfocus.com/bid/99137Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1038711Third Party AdvisoryVDB Entry
https://access.redhat.com/errata/RHSA-2017:2479Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2483Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3193Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3194Third Party Advisory
https://lists.apache.org/thread.html/55a068b6a5eec0b3198ae7d96a7cb412352d0ffa771
https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cd
https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e10
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f74
https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935
https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76f

FAQ

What is CVE-2017-7668?

CVE-2017-7668 is a vulnerability with a CVSS score of 7.5 (HIGH). The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously ...

How severe is CVE-2017-7668?

CVE-2017-7668 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-7668?

Check the references section above for vendor advisories and patch information. Affected products include: Apache Http Server, Netapp Clustered Data Ontap, Netapp Oncommand Unified Manager, Netapp Storagegrid, Redhat Enterprise Linux Desktop.