Apache HTTP Server CVE-2017-3167 Authentication Bypass Vulnerability

Bugtraq ID: 99135
Class: Design Error
CVE: CVE-2017-3167
Remote: Yes
Local: No
Published: Jun 19 2017 12:00AM
Updated: Aug 16 2017 08:10AM
Credit: Emmanuel Dreyfus
Vulnerable: Ubuntu Ubuntu Linux 17.04
Ubuntu Ubuntu Linux 16.10
Ubuntu Ubuntu Linux 16.04 LTS
Ubuntu Ubuntu Linux 14.04 LTS
Redhat Software Collections for RHEL 0
Redhat JBoss Web Server 0
Redhat JBoss EWS 2
Redhat Jboss EAP 6
Redhat JBoss Core Services 1
Redhat Enterprise Linux Workstation 6
Redhat Enterprise Linux Server 6
Redhat Enterprise Linux HPC Node Optional 6
Redhat Enterprise Linux HPC Node 6
Redhat Enterprise Linux Desktop Optional 6
Redhat Enterprise Linux Desktop 6
Redhat Enterprise Linux 6
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 5
IBM i 7.1
IBM i 7.3
IBM i 7.2
IBM HTTP Server 8.5.5 2
IBM HTTP Server 8.5 2
IBM HTTP Server 8.0 9
IBM HTTP Server 7.0 33
IBM HTTP Server 7.0 29
IBM HTTP Server 7.0 .11
IBM HTTP Server 9.0.0.4
IBM HTTP Server 9.0.0.3
IBM HTTP Server 9.0.0.2
IBM HTTP Server 9.0.0.1
IBM HTTP Server 9.0
IBM HTTP Server 8.5.5.9
IBM HTTP Server 8.5.5.8
IBM HTTP Server 8.5.5.7
IBM HTTP Server 8.5.5.6
IBM HTTP Server 8.5.5.5
IBM HTTP Server 8.5.5.4
IBM HTTP Server 8.5.5.3
IBM HTTP Server 8.5.5.11
IBM HTTP Server 8.5.5.10
IBM HTTP Server 8.5.5.1
IBM HTTP Server 8.5.5
IBM HTTP Server 8.5.0.1
IBM HTTP Server 8.5
IBM HTTP Server 8.0.0.7
IBM HTTP Server 8.0.0.6
IBM HTTP Server 8.0.0.5
IBM HTTP Server 8.0.0.4
IBM HTTP Server 8.0.0.3
IBM HTTP Server 8.0.0.2
IBM HTTP Server 8.0.0.13
IBM HTTP Server 8.0.0.12
IBM HTTP Server 8.0.0.11
IBM HTTP Server 8.0.0.1
IBM HTTP Server 8.0
IBM HTTP Server 7.0.4.27
IBM HTTP Server 7.0.0.5
IBM HTTP Server 7.0.0.43
IBM HTTP Server 7.0.0.39
IBM HTTP Server 7.0.0.27
IBM HTTP Server 7.0.0.25
IBM HTTP Server 7.0.0.21
IBM HTTP Server 7.0.0.19
IBM HTTP Server 7.0.0.17
IBM HTTP Server 7.0.0.15
IBM HTTP Server 7.0.0.13
IBM HTTP Server 7.0
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
CentOS CentOS 6
Apache Apache 2.4.25
Apache Apache 2.4.20
Apache Apache 2.4.19
Apache Apache 2.4.18
Apache Apache 2.4.17
Apache Apache 2.4.16
Apache Apache 2.4.14
Apache Apache 2.4.12
Apache Apache 2.4.11
Apache Apache 2.4.10
Apache Apache 2.4.4
Apache Apache 2.2.26
Apache Apache 2.2.25
Apache Apache 2.2.24
Apache Apache 2.2.23
Apache Apache 2.2.15
Apache Apache 2.2.14
Apache Apache 2.2.13
Apache Apache 2.2.12
Apache Apache 2.2.11
Apache Apache 2.2.10
Apache Apache 2.2.3
Apache Apache 2.2.2
Apache Apache 2.2
Apache Apache 2.4.3
Apache Apache 2.4.24
Apache Apache 2.4.2
Apache Apache 2.4.13
Apache Apache 2.4.1
Apache Apache 2.4.0
Apache Apache 2.2.32
Apache Apache 2.2.29
Apache Apache 2.2.22
Apache Apache 2.2.21
Apache Apache 2.2.20
Apache Apache 2.2.19
Apache Apache 2.2.18
Apache Apache 2.2.17
Apache Apache 2.2.1
Not Vulnerable: IBM HTTP Server 9.0.0.5
IBM HTTP Server 8.5.5.12
IBM HTTP Server 8.0.0.14
IBM HTTP Server 7.0.0.45
Apache Apache 2.4.26
Apache Apache 2.2.33-dev


 

Privacy Statement
Copyright 2010, SecurityFocus