Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM21781046737819F9BECB0172803EAC75FA331A489C94879B0B9D69C572F33FCF
HistoryJul 10, 2018 - 8:34 a.m.

Security Bulletin: Security vulnerabilities have been identified in IBM HTTP Server shipped with IBM Rational ClearCase (CVE-2017-9798, CVE-2017-12618)

2018-07-1008:34:12
www.ibm.com
22

EPSS

0.974

Percentile

99.9%

JSON

Summary

IBM HTTP Server (IHS) is shipped as a component of IBM Rational ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section.

Affected Products and Versions

IBM Rational ClearCase, ClearCase Remote Client (CCRC) WAN server/CM Server component.

Versions 8.0.0.x, 8.0.1.x, 9.0.0.x, 9.0.1:

This vulnerability only applies to the CCRC WAN server component.
Versions 7.1.x.x, : Not affected.

Remediation/Fixes

Refer to the following security bulletins for vulnerability details and information about fixes addressed by IBM HTTP Server (IHS) which is shipped with IBM Rational ClearCase.

Principal Product and Version(s) Affected Supporting Product and Version Affected Supporting Product Security Bulletin
IBM Rational ClearCase, versions 8.0.0.x, 8.0.1.x, 9.0.0.x, 9.0.1 IBM HTTP Server versions 8.5.5, 8.5, 8.0, and 7.0 Security Bulletin: Security Vulnerabilities in IBM HTTP Server (CVE-2017-9798, CVE-2017-12618)

ClearCase Versions

|

** Applying the fix**

—|—
8.0.0.x, 8.0.1.x, 9.0.0.x, 9.0.1| Apply the appropriate IBM HTTP Server fix directly to your CCRC WAN server host. No ClearCase-specific steps are necessary.

Related

ibm 23
nessus 60
osv 6
openvas 34
nvd 2
archlinux 2
redhatcve 2
cve 2
prion 2
debian 4
ubuntucve 2
mageia 3
ubuntu 3
debiancve 2
amazon 2
cvelist 2
fedora 4
hackerone 1
redhat 13
httpd 2
altlinux 3
veracode 1
centos 2
packetstorm 1
metasploit 1
checkpoint_advisories 2
f5 1
alpinelinux 1
exploitpack 1
exploitdb 1
freebsd 1
oraclelinux 2
slackware 1
seebug 1
zdt 1
attackerkb 1
photon 1
trendmicroblog 1
avleonov 1
gentoo 1
suse 1
symantec 1
kitploit 1
ibm
ibm
Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server bundled with IBM WebSphere Application Server Patterns and IBM WebSphere Application Server for Cloud (CVE-2017-9798, CVE-2017-12618)
2018-06-15 07:08:31
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli Federated Identity Manager and IBM Tivoli Federated Identity Manager Business Gateway (CVE-2017-9798, CVE-2017-12618)
2018-06-16 22:04:11
Security Bulletin: A security vulnerability has been identified in the IBM HTTP server component of IBM WebSphere Application Server shipped with IBM Tivoli Security Policy Manager (CVE-2017-12618)
2018-06-16 22:04:22
nessus
nessus
IBM HTTP Server 7.0.0.0 < 7.0.0.45 / 8.0.0.0 < 8.0.0.15 / 8.5.0.0 < 8.5.5.13 / 9.0.0.0 < 9.0.0.6 Multiple Vulnerabilities (298437)
2020-12-10 00:00:00
Debian DLA-1163-1 : apr-util security update
2017-11-07 00:00:00
Ubuntu 16.04 ESM : APR-util vulnerability (USN-5737-1)
2022-11-23 00:00:00
osv
osv
apr-util - security update
2017-11-06 00:00:00
apr-util-devel-1.6.1-7.8 on GA media
2024-06-15 00:00:00
apr-util vulnerability
2022-11-23 10:09:39
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2017:3278-1)
2021-04-19 00:00:00
Fedora Update for apr-util FEDORA-2017-329e5fb4c9
2017-11-23 00:00:00
Huawei EulerOS: Security Advisory for apr-util (EulerOS-SA-2023-1243)
2023-01-31 00:00:00
nvd
nvd
CVE-2017-12618
2017-10-24 01:29:02
CVE-2017-9798
2017-09-18 15:29:00
archlinux
archlinux
[ASA-201710-33] apr-util: denial of service
2017-10-27 00:00:00
[ASA-201709-15] apache: information disclosure
2017-09-18 00:00:00
redhatcve
redhatcve
CVE-2017-12618
2017-10-26 09:48:57
CVE-2017-9798
2019-10-09 11:45:40
cve
cve
CVE-2017-12618
2017-10-24 01:29:02
CVE-2017-9798
2017-09-18 15:29:00
prion
prion
Out-of-bounds
2017-10-24 01:29:00
Design/Logic Flaw
2017-09-18 15:29:00
debian
debian
[SECURITY] [DLA 1163-1] apr-util security update
2017-11-06 21:39:07
[SECURITY] [DSA 3980-1] apache2 security update
2017-09-20 09:20:19
[SECURITY] [DSA 3980-1] apache2 security update
2017-09-20 09:20:19
ubuntucve
ubuntucve
CVE-2017-12618
2017-10-24 00:00:00
CVE-2017-9798
2017-09-18 00:00:00
mageia
mageia
Updated apr-util packages fix security vulnerability
2017-11-27 00:18:31
Updated apache packages fix security vulnerability
2018-01-01 13:38:51
Updated apache packages fix security vulnerability
2018-01-01 13:38:51
ubuntu
ubuntu
APR-util vulnerability
2022-11-23 00:00:00
Apache HTTP Server vulnerability
2017-09-19 00:00:00
Apache HTTP Server vulnerability
2017-10-24 00:00:00
debiancve
debiancve
CVE-2017-12618
2017-10-24 01:29:02
CVE-2017-9798
2017-09-18 15:29:00
amazon
amazon
Medium: apr-util
2017-12-05 21:59:00
Important: httpd24, httpd
2017-09-18 15:32:00
cvelist
cvelist
CVE-2017-12618
2017-10-24 01:00:00
CVE-2017-9798
2017-09-18 15:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: apr-util-1.5.4-6.fc26
2017-11-15 20:21:54
[SECURITY] Fedora 26 Update: httpd-2.4.27-3.fc26
2017-09-22 18:54:37
[SECURITY] Fedora 27 Update: httpd-2.4.27-8.fc27
2017-09-30 07:40:09
hackerone
hackerone
Internet Bug Bounty: Optionsbleed / CVE-2017-9798
2017-09-19 18:04:00
redhat
redhat
(RHSA-2017:2882) Moderate: httpd security update
2017-10-11 15:17:48
(RHSA-2017:3018) Moderate: httpd24 security, bug fix, and enhancement update
2017-10-24 08:16:35
(RHSA-2017:2972) Moderate: httpd security update
2017-10-19 14:54:11
httpd
httpd
Apache Httpd < 2.4.28 : Use-after-free when using <Limit > with an unrecognized method in .htaccess ("OptionsBleed")
2017-07-12 00:00:00
Apache Httpd < 2.2.35-never : Use-after-free when using <Limit > with an unrecognized method in .htaccess ("OptionsBleed")
2017-07-12 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package apache2 version 1:2.4.28-alt1
2017-10-10 00:00:00
Security fix for the ALT Linux 10 package apache2 version 1:2.4.28-alt1
2017-10-10 00:00:00
Security fix for the ALT Linux 9 package apache2 version 1:2.4.28-alt1
2017-10-10 00:00:00
veracode
veracode
Use After Free
2019-01-15 09:20:26
centos
centos
httpd, mod_ldap, mod_proxy_html, mod_session, mod_ssl security update
2017-10-11 20:46:20
httpd, mod_ssl security update
2017-10-20 21:13:38
packetstorm
packetstorm
Apache Optionsbleed Scanner
2024-09-01 00:00:00
metasploit
metasploit
Apache Optionsbleed Scanner
2017-09-27 02:09:07
checkpoint_advisories
checkpoint_advisories
Apache HTTP Optionsbleed Memory Leak (CVE-2017-9798)
2017-09-18 00:00:00
Apache HTTP OptionsBleed Memory Leak Scanner (CVE-2017-9798)
2017-10-15 00:00:00
f5
f5
K70084351 : Apache HTTPD vulnerability CVE-2017-9798
2017-09-19 00:00:00
alpinelinux
alpinelinux
CVE-2017-9798
2017-09-18 15:29:00
exploitpack
exploitpack
Apache 2.2.34 2.4.27 - OPTIONS Memory Leak
2017-09-18 00:00:00
exploitdb
exploitdb
Apache &lt; 2.2.34 / &lt; 2.4.27 - OPTIONS Memory Leak
2017-09-18 00:00:00
freebsd
freebsd
Apache -- HTTP OPTIONS method can leak server memory
2017-09-18 00:00:00
oraclelinux
oraclelinux
httpd security update
2017-10-11 00:00:00
httpd security update
2017-10-19 00:00:00
slackware
slackware
[slackware-security] httpd
2017-09-18 19:20:15
seebug
seebug
HTTP OPTIONS method can leak Apache's server memory(CVE-2017-9798) (Optionsbleed)
2017-09-19 00:00:00
zdt
zdt
Apache - HTTP OPTIONS Memory Leak Exploit
2017-09-18 00:00:00
attackerkb
attackerkb
CVE-2017-9798
2017-09-18 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2017-0077
2017-10-11 00:00:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of September 18, 2017
2017-09-22 14:10:02
avleonov
avleonov
Vulnerability Databases: Classification and Registry
2018-06-05 15:57:41
gentoo
gentoo
Apache: Multiple vulnerabilities
2017-10-29 00:00:00
suse
suse
Security update for virtualbox (important)
2018-04-24 03:20:04
symantec
symantec
Apache HTTP Server Vulnerabilities Jul 2017 - Sep 2018
2018-11-07 08:01:01
kitploit
kitploit
Jok3R - Network And Web Pentest Framework
2019-01-23 12:25:00

EPSS

0.974

Percentile

99.9%

JSON
Related for 21781046737819F9BECB0172803EAC75FA331A489C94879B0B9D69C572F33FCF
ibm23nessus60osv6openvas34nvd2archlinux2redhatcve2cve2prion2debian4ubuntucve2mageia3ubuntu3debiancve2amazon2cvelist2fedora4hackerone1redhat13httpd2altlinux3veracode1centos2packetstorm1metasploit1checkpoint_advisories2f51alpinelinux1exploitpack1exploitdb1freebsd1oraclelinux2slackware1seebug1zdt1attackerkb1photon1trendmicroblog1avleonov1gentoo1suse1symantec1kitploit1