virus logo Intrusion Prevention

Apache.Optionsbleed.Scanner

description-logoDescription

This indicates detection of an attempt scan to exploit an Information Disclosure vulnerability in Apache HTTP Server.
The vulnerability is due to a misconfiguration error in target system's .htaccess file when target system handling HTTP requests. A remote attacker can exploit this to gain access to secret data from process memory.
Signature for this vulnerability is a rate based signature and will trigger at a rate of 10 request per 50 second.

affected-products-logoAffected Products

Apache HTTP Server 2.2.34 and prior
Apache HTTP Server 2.4.27 and prior
Debian Linux 7.0 to 9.0

Impact logoImpact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

recomended-action-logoRecommended Actions

Upgrade to the latest version available from the website.
https://svn.apache.org/viewvc?view=revision&revision=1807754

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2025-10-14 34.100
Modified
 Sig Added
2025-09-04 34.078
Modified
 Sig Added
2019-06-13 14.632
Modified
 Severity:medium:high
2019-01-29 14.536
Modified
 Modified

References

1807754 42745
ID 44633
Created Oct 27, 2017
Updated Oct 24, 2025
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Exploit Prediction Score 93.84%
Default Action pass
Active
Affected OS Linux
Affected App Apache
Profile Type Information Disclosure