CVE-2017-7679

Severity

Theme

CVE-2017-7679

critical

New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.

References

https://lists.apache.org/thread.html/[email protected]%3Cdev.httpd.apache.org%3E

http://www.securityfocus.com/bid/99170

http://www.securitytracker.com/id/1038711

https://www.nomachine.com/SU08O00185

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

https://security.gentoo.org/glsa/201710-32

http://www.debian.org/security/2017/dsa-3896

https://support.apple.com/HT208221

https://access.redhat.com/errata/RHSA-2017:3195

https://access.redhat.com/errata/RHSA-2017:3194

https://access.redhat.com/errata/RHSA-2017:3193

https://access.redhat.com/errata/RHSA-2017:3477

https://access.redhat.com/errata/RHSA-2017:3476

https://access.redhat.com/errata/RHSA-2017:3475

https://access.redhat.com/errata/RHSA-2017:2483

https://access.redhat.com/errata/RHSA-2017:2479

https://access.redhat.com/errata/RHSA-2017:2478

https://github.com/gottburgm/Exploits/tree/master/CVE-2017-7679

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03821en_us

https://security.netapp.com/advisory/ntap-20180601-0002/

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03908en_us

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://www.tenable.com/security/tns-2019-09

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

Details

Source: MITRE

Published: 2017-06-20

Updated: 2021-06-06

Type: CWE-119

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL

Vulnerable Software

Configuration 1

cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*

Tenable Plugins

View all (46 total)

ID	Name	Product	Family	Severity
144778	IBM HTTP Server 7.0.0.0 < 7.0.0.45 / 8.0.0.0 < 8.0.0.14 / 8.5.0.0 < 8.5.5.12 / 9.0.0.0 < 9.0.0.5 Multiple Vulnerabilities (563615)	Nessus	Web Servers	critical
127360	NewStart CGSL MAIN 4.05 : httpd Multiple Vulnerabilities (NS-SA-2019-0118)	Nessus	NewStart CGSL Local Security Checks	critical
125637	Symantec Content Analysis < 2.3.1.1 affected by Multiple Vulnerabilities (SYMSA1410)	Nessus	Misc.	critical
124922	EulerOS Virtualization 3.0.1.0 : httpd (EulerOS-SA-2019-1419)	Nessus	Huawei Local Security Checks	critical
124892	EulerOS Virtualization for ARM 64 3.0.1.0 : httpd (EulerOS-SA-2019-1389)	Nessus	Huawei Local Security Checks	critical
700511	macOS < 10.13 Multiple Vulnerabilities	Nessus Network Monitor	Operating System Detection	critical
98911	Apache 2.4.x < 2.4.26 Multiple Vulnerabilities	Web Application Scanning	Component Vulnerability	critical
119222	Virtuozzo 6 : httpd / httpd-devel / httpd-manual / httpd-tools / etc (VZLSA-2017-2478)	Nessus	Virtuozzo Local Security Checks	critical
110058	F5 Networks BIG-IP : Apache HTTPD vulnerability (K75429050)	Nessus	F5 Networks Local Security Checks	critical
108520	Juniper Junos Space < 17.2R1 Multiple Vulnerabilities (JSA10838)	Nessus	Junos Local Security Checks	critical
105369	RHEL 6 : Red Hat JBoss Core Services Apache HTTP Server 2.4.23 (RHSA-2017:3477) (Optionsbleed)	Nessus	Red Hat Local Security Checks	critical
105368	RHEL 7 : Red Hat JBoss Core Services Apache HTTP Server 2.4.23 (RHSA-2017:3476) (Optionsbleed)	Nessus	Red Hat Local Security Checks	critical
104541	RHEL 6 : httpd (RHSA-2017:3195) (Optionsbleed)	Nessus	Red Hat Local Security Checks	critical
104540	RHEL 7 : httpd (RHSA-2017:3194) (Optionsbleed)	Nessus	Red Hat Local Security Checks	critical
104539	RHEL 7 : httpd (RHSA-2017:3193) (Optionsbleed)	Nessus	Red Hat Local Security Checks	critical
104379	macOS and Mac OS X Multiple Vulnerabilities (Security Update 2017-001 and 2017-004)	Nessus	MacOS X Local Security Checks	critical
104270	SUSE SLES11 Security Update : apache2 (SUSE-SU-2017:2907-1) (Optionsbleed)	Nessus	SuSE Local Security Checks	critical
104233	GLSA-201710-32 : Apache: Multiple vulnerabilities (Optionsbleed)	Nessus	Gentoo Local Security Checks	critical
103961	SUSE SLES12 Security Update : apache2 (SUSE-SU-2017:2756-1) (Optionsbleed)	Nessus	SuSE Local Security Checks	critical
103673	FireEye Operating System Multiple Vulnerabilities (AX < 7.7.7 / EX < 8.0.1)	Nessus	Firewalls	critical
103598	macOS < 10.13 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	critical
103226	Amazon Linux AMI : httpd (ALAS-2017-892)	Nessus	Amazon Linux Local Security Checks	critical
103215	SUSE SLES12 Security Update : Recommended update for apache2 (SUSE-SU-2017:2449-1)	Nessus	SuSE Local Security Checks	critical
103016	EulerOS 2.0 SP2 : httpd (EulerOS-SA-2017-1178)	Nessus	Huawei Local Security Checks	critical
103015	EulerOS 2.0 SP1 : httpd (EulerOS-SA-2017-1177)	Nessus	Huawei Local Security Checks	critical
102767	CentOS 7 : httpd (CESA-2017:2479)	Nessus	CentOS Local Security Checks	critical
102668	Scientific Linux Security Update : httpd on SL7.x x86_64 (20170815)	Nessus	Scientific Linux Local Security Checks	critical
102535	RHEL 6 : httpd (RHSA-2017:2478)	Nessus	Red Hat Local Security Checks	critical
102521	Scientific Linux Security Update : httpd on SL6.x i386/x86_64 (20170815)	Nessus	Scientific Linux Local Security Checks	critical
102519	RHEL 7 : httpd (RHSA-2017:2479)	Nessus	Red Hat Local Security Checks	critical
102515	Oracle Linux 7 : httpd (ELSA-2017-2479)	Nessus	Oracle Linux Local Security Checks	critical
102514	Oracle Linux 6 : httpd (ELSA-2017-2478)	Nessus	Oracle Linux Local Security Checks	critical
102505	CentOS 6 : httpd (CESA-2017:2478)	Nessus	CentOS Local Security Checks	critical
102178	Amazon Linux AMI : httpd24 (ALAS-2017-863)	Nessus	Amazon Linux Local Security Checks	critical
101787	Apache 2.2.x < 2.2.34 Multiple Vulnerabilities	Nessus	Web Servers	critical
101778	Fedora 25 : httpd (2017-9ded7c5670)	Nessus	Fedora Local Security Checks	critical
101670	Fedora 26 : httpd (2017-81976b6a91)	Nessus	Fedora Local Security Checks	critical
101511	Fedora 24 : httpd (2017-cf9599a306)	Nessus	Fedora Local Security Checks	critical
101283	openSUSE Security Update : apache2 (openSUSE-2017-786)	Nessus	SuSE Local Security Checks	critical
101175	Debian DLA-1009-1 : apache2 security update	Nessus	Debian Local Security Checks	critical
101117	Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : httpd (SSA:2017-180-03)	Nessus	Slackware Local Security Checks	critical
101109	SUSE SLES12 Security Update : apache2 (SUSE-SU-2017:1714-1)	Nessus	SuSE Local Security Checks	critical
101062	Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : apache2 vulnerabilities (USN-3340-1)	Nessus	Ubuntu Local Security Checks	critical
101013	Debian DSA-3896-1 : apache2 - security update	Nessus	Debian Local Security Checks	critical
100995	Apache 2.2.x < 2.2.33-dev / 2.4.x < 2.4.26 Multiple Vulnerabilities	Nessus	Web Servers	critical
100881	FreeBSD : Apache httpd -- several vulnerabilities (0c2db2aa-5584-11e7-9a7d-b499baebfeaf)	Nessus	FreeBSD Local Security Checks	critical