Security News > 2019 > April > Patched Apache flaw is a serious threat for web hosting providers
2019-04-03 11:04
Organizations running Apache web servers are urged to implement the latest security update to fix a serious privilege escalation flaw (CVE-2019-0211) that can be triggered via scripts and could allow unprivileged web host users to execute code with root privileges, i.e. allow them to gain complete control of the machine. About CVE-2019-0211 Discovered by security researcher Charles Fol and dubbed Carpe Diem, the vulnerability affects only Apache HTTP Server on Unix systems. “In Apache HTTP … More → The post Patched Apache flaw is a serious threat for web hosting providers appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/DqIvsuI-Kyw/
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-08 | CVE-2019-0211 | Use After Free vulnerability in multiple products In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. | 7.8 |