Top
image credit: Pexels

Serious Apache server bug gives root to baddies in shared host environments

April 4, 2019

Category:

The Apache HTTP Server, the Internet’s most widely used Web server, just fixed a serious vulnerability that makes it possible for untrusted users or software to gain unfettered control of the machine the software runs on.

CVE-2019-0211, as the vulnerability is indexed, is a local privilege escalation, meaning it allows a person or software that already has limited access to the Web server to elevate privileges to root. From there, the attacker could do just about anything. The vulnerability makes it possible for unprivileged scripts to overwrite sensitive parts of a server’s memory, Charles Fol, the independent researcher who discovered the bug, wrote in a blog post. A malicious script could exploit the vulnerability to gain root.

Read More on ArsTechnica