{"vulnerability": "cve-2017-9798", "sightings": [{"uuid": "7335faa4-efb2-496d-afe3-6866bfd5ec8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-9798", "type": "seen", "source": "MISP/0cd46e1d-1b7f-4486-85e3-3b763001acf1", "content": "", "creation_timestamp": "2023-12-31T16:18:41.000000Z"}, {"uuid": "ff89b72b-47bb-4be3-aad4-b39e6eceb92a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-9798", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:43.000000Z"}, {"uuid": "f8dd16a0-2da2-4501-9375-4aaa12897fa3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-9798", "type": "seen", "source": "https://t.me/BleepingComputer/1758", "content": "Optionsbleed Bug Leaks Apache Server Memory\n\nCertain Apache server configurations can leak server memory content via a vulnerability called Optionsbleed \u2014 tracked as CVE-2017-9798 \u2014 and detailed on Monday by security researcher Hanno B\u00f6ck. [...]\n\nhttps://www.bleepingcomputer.com/news/security/optionsbleed-bug-leaks-apache-server-memory/", "creation_timestamp": "2017-09-20T16:36:06.000000Z"}, {"uuid": "7768d787-35fc-422b-b7c0-8088411d5410", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-9798", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:01.000000Z"}, {"uuid": "ab3bba60-ecd8-47b9-905b-9cfe22e96322", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-9798", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/apache_optionsbleed.rb", "content": "", "creation_timestamp": "2018-05-29T15:50:33.000000Z"}, {"uuid": "18054c43-d102-4f57-b331-547e12c4cef6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-9798", "type": "seen", "source": "Telegram/oy0dbBE7nfsKRAHLSCKnQ1rQ2k7lu2BiCitRs_7pe50X7S8", "content": "", "creation_timestamp": "2022-06-01T15:53:21.000000Z"}, {"uuid": "3fbd5da7-5408-4fef-8fd9-78dc974ed87e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-9798", "type": "seen", "source": "https://t.me/cyberden_team/354", "content": "\u200b\u041f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u0441\u044f \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u043c \u0434\u043b\u044f \u0441\u043a\u0430\u043d\u0430 \u043f\u043e\u0440\u0442\u043e\u0432 \u0438 \u043f\u043e\u0438\u0441\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439\n\nnrich \u2014 \u043d\u043e\u0432\u044b\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u0441\u0442\u0440\u043e\u043a\u0438 \u043e\u0442 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 Shodan \u0434\u043b\u044f \u0431\u044b\u0441\u0442\u0440\u043e\u0433\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0441\u043f\u0438\u0441\u043a\u0430 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432 \u0438 \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a\u0438\u0435 \u0438\u0437 \u043d\u0438\u0445 \u0438\u043c\u0435\u044e\u0442 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u0435 \u043f\u043e\u0440\u0442\u044b/\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430\n\n$ wget https://gitlab.com/api/v4/projects/33695681/packages/generic/nrich/latest/nrich_latest_amd64.deb\n$ sudo dpkg -i nrich_latest_amd64.deb\n\n\u0414\u043b\u044f \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0431\u044b \u0443\u0431\u0435\u0434\u0438\u0442\u0441\u044f \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043e\u043d \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442, \u043c\u043e\u0436\u043d\u043e \u043d\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u0443 echo \u0438 \u0430\u0434\u0440\u0435\u0441. \u041a \u043f\u0440\u0438\u043c\u0435\u0440\u0443:\n\n$ echo 149.202.182.140 | nrich -\n\n\u0414\u0430\u043b\u0435\u0435 \u043c\u044b \u0432\u0438\u0434\u0438\u043c \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442: \n\n149.202.182.140 (ftptech1.pcsoft.fr)\n  Ports: 21, 80, 111, 443\n  CPEs: cpe:/a:proftpd:proftpd:1.3.5b, cpe:/a:apache:http_server:2.4.25\n  Vulnerabilities: CVE-2018-11763, CVE-2019-0220, CVE-2017-15710, CVE-2018-1312, CVE-2019-0197, CVE-2017-9798, CVE-2018-1283, CVE-2017-7668, CVE-2017-3169, CVE-2017-15715, CVE-2017-7659, CVE-2018-1333, CVE-2019-0211, CVE-2019-12815, CVE-2017-3167, CVE-2017-9788, CVE-2019-0196, CVE-2017-7679, CVE-2018-17199\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\n\n$ nrich --help \n\n\u0414\u0430\u043b\u0435\u0435 \u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u0441\u044f \u0441\u043f\u0438\u0441\u043a\u043e\u043c \u043a\u043e\u043c\u0430\u043d\u0434 \u0438\u0441\u0445\u043e\u0434\u044f \u0438\u0437 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044f", "creation_timestamp": "2022-02-18T16:23:37.000000Z"}]}