Patched Apache Vulnerability Could Still Cause Problems

  /     /     /  
Publicated : 23/11/2024   Category : security

Patched Apache Vulnerability Could Still Cause Problems


More than 2 million Apache HTTP servers remain at risk for a critical privilege escalation vulnerability.


A vulnerability in Apache HTTP Server has been found and patched, but the sheer number of servers still running older, unpatched versions of the software means hundreds of thousands of sites and servers could still be in danger.
CVE-2019-0211 is a privilege-escalation vulnerability that could allow users to execute arbitrary code with the privilege of the parent process, which is usually root. The vulnerability exists in Apache HTTP Server releases 2.4.17 to 2.4.38 and was patched with the release of Apache HTTP Server 2.4.39.
According to Rapid7 scans, more than 2,000,000 servers, many on public cloud platforms, are still running vulnerable versions of Apache. This is especially problematic and prone to exploit in shared hosting providers that run multiple sites under one umbrella Apache process, said Bob Rudis, chief data scientist at Rapid7. 
Rudis recommended those who use shared hosting providers contact them to ensure the software has been patched and that organizations running vulnerable versions on their own platforms do so as soon as possible, too, to avoid being used as a privilege escalation vector that can be leveraged on other applications.
Read more 
here
.
 
 
 
 
Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industrys most knowledgeable IT security experts. Check out the
Interop agenda
here.

Last News

▸ ArcSight prepares for future at user conference post HP acquisition. ◂
Discovered: 07/01/2025
Category: security
▸ Samsung Epic 4G: First To Use Media Hub ◂
Discovered: 07/01/2025
Category: security
▸ Many third-party software fails security tests ◂
Discovered: 07/01/2025
Category: security


Cyber Security Categories
Google Dorks Database
 		Exploits Vulnerability
 		Exploit Shellcodes

CVE List
 		Tools/Apps
 		News/Aarticles

Phishing Database
 		Deepfake Detection
 		Trends/Statistics & Live Infos



Tags:
Patched Apache Vulnerability Could Still Cause Problems