The Latest in IT Security

‘Optionsbleed’ Flaw Causes Apache to Leak Data

20
Sep
2017

22116841470_3998a7318f_c

A vulnerability found in Apache HTTP Server (httpd) can cause certain systems to leak potentially sensitive data in response to HTTP OPTIONS requests, a researcher warned.

The flaw was discovered by freelance journalist and security researcher Hanno Böck, who has dubbed it “Optionsbleed.” Despite having a fancy name that is similar to the critical vulnerability known as Heartbleed due to them both “bleeding” memory contents, Optionsbleed is not as severe or as widespread.

Böck was analyzing HTTP methods in an effort to determine if they have any vulnerabilities when he noticed that requests with the OPTIONS methodmwere returning what appeared to be corrupted data via the “Allow” header.

Read More

Leave a reply


Categories

MONDAY, MARCH 01, 2021
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments