A buffer over-read flaw was found in the httpd’s ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request.

References

bugzilla.redhat.com/show_bug.cgi?id=1463205

httpd.apache.org/security/vulnerabilities_22.html https://httpd.apache.org/security/vulnerabilities_24.html

f5 1

httpd 2

cve 1

ibm 22

checkpoint_advisories 2

hackerone 1

debiancve 1

openvas 18

veracode 1

cvelist 1

nvd 1

alpinelinux 1

prion 1

ubuntucve 1

osv 3

oraclelinux 2

nessus 30

ubuntu 2

debian 3

archlinux 1

freebsd 1

redhat 4

fedora 3

slackware 1

centos 1

symantec 1

amazon 1

gentoo 1

mageia 1

apple 2

oracle 1

K54624443 : Apache HTTPD vulnerability CVE-2017-7668

2017-07-14 00:00:00

httpd

Apache Httpd < 2.2.34 : ap_find_token() Buffer Overread

2017-05-06 00:00:00

Apache Httpd < 2.4.26 : ap_find_token() Buffer Overread

2017-05-06 00:00:00

cve

CVE-2017-7668

2017-06-20 01:29:00

ibm

Security Bulletin: Open Source Apache HTTP Server Vulnerabilities which is used by IBM PureApplication Systems (CVE-2017-7668)

2018-06-15 07:08:07

Security Bulletin: Multiple vulnerabilities in Apache HTTP Server affect IBM API Connect (CVE-2017-7668, CVE-2017-7679)

2018-06-15 07:08:46

Security Bulletin: Security vulnerabilities have been identified in IBM HTTP Server shipped with IBM Rational ClearQuest (CVE-2017-7679, CVE-2017-7668, CVE-2017-3167)

2020-02-04 16:40:40

checkpoint_advisories

Apache httpd ap_find_token Out of Bounds Read (CVE-2017-7668)

2017-07-31 00:00:00

Apache httpd ap_find_token Out of Bounds Read - Ver2 (CVE-2017-7668)

2018-07-03 00:00:00

hackerone

Internet Bug Bounty: ap_find_token() Buffer Overread

2017-06-20 08:36:29

debiancve

CVE-2017-7668

2017-06-20 01:29:00

openvas

Apache HTTP Server Denial-Of-Service Vulnerability (Jun 2017) - Windows

2017-06-21 00:00:00

Apache HTTP Server Denial-Of-Service Vulnerability (Jun 2017) - Linux

2017-06-21 00:00:00

Ubuntu: Security Advisory (USN-3340-1)

2017-06-27 00:00:00

veracode

Denial Of Service (DoS)

2019-05-02 06:45:16

cvelist

CVE-2017-7668

2017-06-20 01:00:00

nvd

CVE-2017-7668

2017-06-20 01:29:00

alpinelinux

CVE-2017-7668

2017-06-20 01:29:00

prion

Input validation

2017-06-20 01:29:00

ubuntucve

CVE-2017-7668

2017-06-19 00:00:00

osv

CVE-2017-7668

2017-06-20 01:29:00

apache2 - security update

2017-06-22 00:00:00

apache2 - security update

2017-07-02 00:00:00

oraclelinux

httpd security and bug fix update

2017-07-11 00:00:00

httpd security update

2017-08-15 00:00:00

nessus

IBM HTTP Server 7.0.0.0 < 7.0.0.45 / 8.0.0.0 < 8.0.0.14 / 8.5.0.0 < 8.5.5.12 / 9.0.0.0 < 9.0.0.5 Multiple Vulnerabilities (563615)

2021-01-06 00:00:00

Ubuntu 14.04 LTS / 16.04 LTS : Apache HTTP Server vulnerabilities (USN-3340-1)

2017-06-27 00:00:00

Debian DLA-1009-1 : apache2 security update

2017-07-03 00:00:00

ubuntu

Apache HTTP Server vulnerabilities

2017-06-26 00:00:00

Apache HTTP Server vulnerabilities

2017-07-31 00:00:00

debian

[SECURITY] [DLA 1009-1] apache2 security update

2017-07-02 18:48:50

[SECURITY] [DSA 3896-1] apache2 security update

2017-06-22 19:41:41

[SECURITY] [DSA 3896-1] apache2 security update

2017-06-22 19:41:41

archlinux

[ASA-201706-34] apache: multiple issues

2017-06-28 00:00:00

freebsd

Apache httpd -- several vulnerabilities

2017-06-20 00:00:00

redhat

(RHSA-2017:2479) Important: httpd security update

2017-08-15 15:55:44

(RHSA-2017:2483) Important: httpd24-httpd security update

2017-08-16 21:45:48

(RHSA-2017:3194) Important: httpd security update

2017-11-13 16:37:59

fedora

[SECURITY] Fedora 25 Update: httpd-2.4.27-2.fc25

2017-07-15 19:56:05

[SECURITY] Fedora 26 Update: httpd-2.4.26-1.fc26

2017-07-07 23:20:56

[SECURITY] Fedora 24 Update: httpd-2.4.26-1.fc24

2017-07-12 01:54:48

slackware

[slackware-security] httpd

2017-06-29 21:34:52

centos

httpd, mod_ldap, mod_proxy_html, mod_session, mod_ssl security update

2017-08-24 09:43:51

symantec

SA154: Apache httpd Vulnerabilities June 2017

2017-07-20 08:00:00

amazon

Medium: httpd24

2017-08-03 18:53:00

gentoo

Apache: Multiple vulnerabilities

2017-10-29 00:00:00

mageia

Updated apache packages fix security vulnerability

2018-01-01 13:38:51

apple

About the security content of macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan

2017-10-31 00:00:00

About the security content of macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan - Apple Support

2019-04-03 09:42:09

oracle

Oracle Critical Patch Update - October 2017

2017-10-17 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.273 Low

EPSS

Percentile

96.8%

JSON

Related for RH:CVE-2017-7668