Detections
Analytics

MiracleLinux 4 : httpd24-1.1-18.AXS4, httpd24-httpd-2.4.27-8.AXS4 (AXSA:2017-2405:01)

high Nessus Plugin ID 288994

Synopsis

The remote MiracleLinux host is missing a security update.

Description

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-2405:01 advisory.

 * A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.
 (CVE-2017-9798) Asianux would like to thank Hanno Bck for reporting this issue.
 Bug Fix(es):
 * The httpd package installation script tried to create both the apache user and group in a single useradd command. Consequently, when the apache group had already been created on the system, the command failed, and the apache user was not created. To fix this bug, the apache group is now created by a separate command, and the apache user is correctly created during httpd installation even when the apache group exists. (BZ#1486843)
 * When installing the httpd24 Software Collection using the yum command, if the apache group already existed on the system with GID other than 48, the apache user was not created. This update fixes the bug. (BZ#1487164)
 * With this update, it is possible to run the mod_rewrite external mapping program as a non-root user. (BZ#1486832)
 * On a Asianux Server 4 system, when the httpd service was stopped twice in a row by running the service httpd stop command, a misleading message was returned: Stopping httpd: [FAILED]. This bug has been fixed. (BZ#1418395)
 * When the service httpd24-httpd graceful command was used on Asianux Server 7 while the httpd24-httpd service was not running, the daemon was started without being tracked by systemd. As a consequence, the daemon ran in an incorrect SELinux domain. This bug has been fixed, and the httpd daemon runs in the correct SELinux domain in the described scenario. (BZ#1440858) Enhancement(s):
 * With this update, the mod_ssl module supports the ALPN protocol on Asianux Server 7.4 and later versions. (BZ#1327548) For further details, see the Asianux Software Collections 3.0 Release Notes linked from the References section.
 CVE-2017-9798 Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27.
 The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://tsn.miraclelinux.com/en/node/8848

Plugin Details

Severity: High

ID: 288994

File Name: miracle_linux_AXSA-2017-2405.nasl

Version: 1.1

Type: local

Published: 1/16/2026

Updated: 1/16/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.1

Vendor

Vendor Severity: Moderate

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2017-9798

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:miracle:linux:httpd24-httpd-devel, p-cpe:/a:miracle:linux:httpd24-httpd-manual, p-cpe:/a:miracle:linux:httpd24-mod_ssl, cpe:/o:miracle:linux:4, p-cpe:/a:miracle:linux:httpd24-httpd, p-cpe:/a:miracle:linux:httpd24-mod_session, p-cpe:/a:miracle:linux:httpd24-mod_ldap, p-cpe:/a:miracle:linux:httpd24-httpd-tools, p-cpe:/a:miracle:linux:httpd24-mod_proxy_html, p-cpe:/a:miracle:linux:httpd24-runtime, p-cpe:/a:miracle:linux:httpd24

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/MiracleLinux/release, Host/MiracleLinux/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/27/2017

Vulnerability Publication Date: 9/18/2017

Reference Information

CVE: CVE-2017-9798