[SingCERT] Alert on Privilege Escalation Vulnerability (CVE-2019-0211) affecting Apache Web Server

Published on Thursday, 04 April 2019 13:57

Background


A security researcher has discovered a critical privilege escalation vulnerability (CVE-2019-0211) affecting the Apache web server utilising the Multi-Processing Module (MPM), worker or prefork.

 

Affected Versions


Apache HTTP Server versions 2.4.17 - 2.4.38


Note: Non-Unix operating systems (e.g. Microsoft Windows) are not affected.


Impact


Code running in less-privileged child processes or threads, including scripts executed by an in-process scripting interpreter, could execute arbitrary code with the privileges of the parent process (typically "root") by manipulating the Apache scoreboard, a data structure that keeps track of server activity.

 

Recommendations


Administrators of Apache HTTP servers on Unix operating systems running MPM, worker or prefork, should upgrade to version 2.4.39 or later.
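
An added example, not part of the SingCERT alert or of Apache's own tooling: a shell function that applies the version range and MPM criteria above to the text printed by `httpd -V`. The function name, the three result strings and the sample outputs are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the advisory: classify `httpd -V` output against
# the advisory's criteria (2.4.17 - 2.4.38 with an affected MPM).
# Reads the text on stdin; prints affected | not-affected | unknown.
cve_2019_0211_status() {
    info=$(cat)
    # "Server version: Apache/2.4.29 (Ubuntu)" -> 2.4.29
    ver=$(printf '%s\n' "$info" |
        sed -n 's|^Server version: *Apache/\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*|\1|p' |
        head -n 1)
    # "Server MPM:     prefork" -> prefork
    mpm=$(printf '%s\n' "$info" |
        sed -n 's|^Server MPM: *\([A-Za-z_]*\).*|\1|p' | head -n 1)

    [ -n "$ver" ] || { echo unknown; return 0; }
    major=${ver%%.*}; rest=${ver#*.}
    minor=${rest%%.*}; patch=${rest#*.}

    # Outside 2.4.17 - 2.4.38: not in the advisory's affected range.
    if [ "$major" -ne 2 ] || [ "$minor" -ne 4 ] ||
       [ "$patch" -lt 17 ] || [ "$patch" -gt 38 ]; then
        echo not-affected; return 0
    fi

    case "$mpm" in
        # The advisory names worker and prefork; the Apache advisory linked
        # under References names event as well, so it is flagged here too.
        prefork|worker|event) echo affected ;;
        # No MPM line (e.g. configuration failed to load): do not guess.
        '') echo unknown ;;
        # Any other MPM, e.g. WinNT on Windows, which is not affected.
        *) echo not-affected ;;
    esac
}

# Constructed sample outputs (not captured from real hosts).
SAMPLE_IN_RANGE='Server version: Apache/2.4.29 (Ubuntu)
Server built:   2018-10-10T18:59:25
Server MPM:     prefork'
SAMPLE_FIXED='Server version: Apache/2.4.39 (Unix)
Server MPM:     event'

printf '2.4.29/prefork: %s\n' "$(printf '%s\n' "$SAMPLE_IN_RANGE" | cve_2019_0211_status)"
printf '2.4.39/event:   %s\n' "$(printf '%s\n' "$SAMPLE_FIXED" | cve_2019_0211_status)"
```

On a live host, pipe in the real output with `httpd -V | cve_2019_0211_status` (`apache2ctl -V` on Debian-family systems). Distribution packages often backport fixes without changing the upstream version string, so confirm an "affected" result against the vendor's package changelog.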


References


https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-0211


https://thehackernews.com/2019/04/apache-web-server-security.html