Patched Apache Vulnerability Could Still Cause Problems

  /     /     /  
Publicated : 23/11/2024   Category : security


Patched Apache Vulnerability Could Still Cause Problems


More than 2 million Apache HTTP servers remain at risk for a critical privilege escalation vulnerability.



A vulnerability in Apache HTTP Server has been found and patched, but the sheer number of servers still running older, unpatched versions of the software means hundreds of thousands of sites and servers could still be in danger.
CVE-2019-0211 is a privilege-escalation vulnerability that could allow users to execute arbitrary code with the privilege of the parent process, which is usually root. The vulnerability exists in Apache HTTP Server releases 2.4.17 to 2.4.38 and was patched with the release of Apache HTTP Server 2.4.39.
According to Rapid7 scans, more than 2,000,000 servers, many on public cloud platforms, are still running vulnerable versions of Apache. This is especially problematic and prone to exploit in shared hosting providers that run multiple sites under one umbrella Apache process, said Bob Rudis, chief data scientist at Rapid7. 
Rudis recommended those who use shared hosting providers contact them to ensure the software has been patched and that organizations running vulnerable versions on their own platforms do so as soon as possible, too, to avoid being used as a privilege escalation vector that can be leveraged on other applications.
Read more 
here
.
 
 
 
 
Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industrys most knowledgeable IT security experts. Check out the
Interop agenda
here.

Last News

▸ Travel agency fined £150,000 for breaking Data Protection Act. ◂
Discovered: 23/12/2024
Category: security

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Patched Apache Vulnerability Could Still Cause Problems