icon

We found results for “

CVE-2019-0211

Date: April 8, 2019

Overview

The Apache HTTP Server is a popular open-source web server software that can be deployed across multiple platforms and environments. Affected versions of this software are vulnerable to illicit root privilege escalation. This vulnerability can be exploited when a malicious user executes arbitrary code and gains root privileges on a targeted system. Non-Unix systems are not affected.

Details

The CVE-2019-0211 vulnerability is found in Apache Multi-Processing Modules (MPMs), mostly mpm_prefork_module, mpm_worker_module, and mpm_event_module. Basically, the Apache web server utilizes a shared-memory region called scoreboard to keep track of worker processes (less-privileged child activities) managed by mpm_prefork_module (root privileges). To exploit this flaw, a hacker could get read/write access of a worker process (via a separate exploit) and then manipulate the scoreboard used for parent (usually the root) and child interactions. When manipulating the scoreboard, the hacker could implement an arbitrary script that makes the scoreboard point to a rogue worker. Consequently, the hacker’s nefarious code could be triggered by an Apache graceful restart (apache2ctl graceful), which is usually initiated by the logrotate system utility every 24 hours. This way, an intruder could use this vulnerability to upload and execute scripts on the web server with root privileges.

Affected Environments

CVE-2019-0211 only affects UNIX-like systems running Apache servers from versions 2.4.17 (October 9th, 2015) to 2.4.38 (April 1st, 2019). This vulnerability is particularly troublesome to hosting companies providing “shared web hosting plans,” which allow multiple users to share the same parent Apache server for hosting their websites.

Remediation

To fix this privilege escalation bug, upgrade your Apache HTTP Server to version 2.4.39 (released on April 1st, 2019), or higher. Various UNIX distributions, such as Ubuntu, Debian, and SuSE, have already issued package updates to patch this flaw. So, users are advised to install these updates on their systems as soon as possible.

Prevention

Use the latest version of the Apache HTTP Server Avoid shared web hosting plans

Language: C

Good to know:

icon

Permissions, Privileges, and Access Control

CWE-264

Use After Free

CWE-416
icon

Upgrade Version

Upgrade to version 2.4.39

Learn More

Base Score:
Attack Vector (AV): Local
Attack Complexity (AC): Low
Privilegs Required (PR): Low
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): High
Integrity (I): High
Availability (A): High
Base Score:
Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (AU): None
Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
Additional information: