Intrusion Prevention

Apache.Optionsbleed.Scanner

Description

This indicates detection of an attempt scan to exploit an Information Disclosure vulnerability in Apache HTTP Server.
The vulnerability is due to a misconfiguration error in target system's .htaccess file when target system handling HTTP requests. A remote attacker can exploit this to gain access to secret data from process memory.
Signature for this vulnerability is a rate based signature and will trigger at a rate of 10 request per 50 second.

Affected Products

Apache HTTP Server 2.2.34 and prior
Apache HTTP Server 2.4.27 and prior
Debian Linux 7.0 to 9.0

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions

Upgrade to the latest version available from the website.
https://svn.apache.org/viewvc?view=revision&revision=1807754

CVE References

CVE-2017-9798

Other References

1807754 42745