New on LowEndTalk? Please Register and read our Community Rules.
Howdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Quick Links
Categories
In this Discussion
- 2008-2021 © LowEndBox & LowEndTalk. Privacy Policy. Powered by Vanilla.
Back to Top | LowEndTalk | LowEndBox | Dark Theme Config | Advertise
Comments
I did by switching to mini_httpd.
How bout a source or CVE? This post is pretty useless without any information on the issue...
Mods.. please delete the thread if you feel it's useless.
Thx
CVE-2019-0211
CVE-2019-0215
CVE-2019-0217
Redhat
Debian
Ubuntu
OP should provide more info in the inicial post, but it's far from useless
Can a Mod edit the post... not all versions are affected.
Apache HTTP 2.4.17 to 2.4.38 is vulnerable to a local root exploit when mod_prefork, mod_worker and mod_event are used:
https://httpd.apache.org/security/vulnerabilities_24.html
We are hearing reports of exploit(s) already being produced and strongly recommend that everyone update to Apache HTTP 2.4.39 as soon as possible - especially in shared hosting environments!
https://www.apache.org/dist/httpd/Announcement2.4.html
https://www.zdnet.com/article/apache-web-server-bug-grants-root-access-on-shared-hosting-environments/
Quoting from Rack911labs.com
That's pretty bad. Apache is supposed to drop privileges as soon as it has opened its listener ports, so getting root should be impossible even if the process is pwned. I wonder what they messed up. I'll try to get around to looking at the patch.
Still, since it's a local exploit, it's scariest for shared hosting providers and people running multi-user systems.
Still no patch from cPanel, thankfully CloudLinux pushed a fix (albeit in their TESTING repo): https://forums.cpanel.net/threads/ea-8307-update-ea-apache24-to-2-4-39-for-cve-2019-0211.650517/
CPanel said they are working on it. Personally, considering almost all hosts use cPanel they should have been at the forefront of patching it.
Cloudlinux said they will love the patch to their production repo tomorrow.
Thanks for the tip!
Start to think about migrating to OpenLiteSpeed now...
cPanel's update for the local privilege escalation has been released.