CVE-2017-9788
Description
In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| debian | bookworm | fixed | 2.4.27-1 |
| debian | bullseye | fixed | 2.4.27-1 |
| debian | forky | fixed | 2.4.27-1 |
| debian | sid | fixed | 2.4.27-1 |
| debian | trixie | fixed | 2.4.27-1 |
| arch | fixed | 2.4.27-1 | |
| sles | affected | | |
| debian | 8.0 | affected | |
| debian | 9.0 | affected | |
| macos | affected | 10.13.1 | |
| rhel | 6.0 | affected | |
| rhel | 7.0 | affected | |
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| apache | http_server | {"endIncluding":"2.2.33"} | |
| netapp | oncommand_unified_manager | - | |
| netapp | storage_automation_store | - | |
| redhat | jboss_core_services | 1.0 | |
| redhat | jboss_enterprise_application_platform | 6.0.0 | |
| redhat | jboss_enterprise_application_platform | 6.4.0 | |
| redhat | jboss_enterprise_web_server | 2.0.0 | |
| oracle | secure_global_desktop | 5.3 | |
| apache | http_server | {"startIncluding":"2.4.0","endIncluding":"2.4.26"} | |
References
- https://security-tracker.debian.org/tracker/CVE-2017-9788
- https://security.archlinux.org/ASA-201707-15
- http://www.debian.org/security/2017/dsa-3913
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- http://www.securityfocus.com/bid/99569
- http://www.securitytracker.com/id/1038906
- https://access.redhat.com/errata/RHSA-2017:2478
- https://access.redhat.com/errata/RHSA-2017:2479
- https://access.redhat.com/errata/RHSA-2017:2483
- https://access.redhat.com/errata/RHSA-2017:2708
- https://access.redhat.com/errata/RHSA-2017:2709
- https://access.redhat.com/errata/RHSA-2017:2710
- https://access.redhat.com/errata/RHSA-2017:3113
- https://access.redhat.com/errata/RHSA-2017:3114
- https://access.redhat.com/errata/RHSA-2017:3193
- https://access.redhat.com/errata/RHSA-2017:3194
- https://access.redhat.com/errata/RHSA-2017:3195
- https://access.redhat.com/errata/RHSA-2017:3239
- https://access.redhat.com/errata/RHSA-2017:3240
- https://httpd.apache.org/security/vulnerabilities_22.html
- https://httpd.apache.org/security/vulnerabilities_24.html
- https://lists.apache.org/thread.html/0dd69204a6bd643cc4e9ccd008f07a9375525d977c6ebeb07a881afb%40%3Cannounce.httpd.apache.org%3E
- https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
CWEs
CWE-20 CWE-200
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.