RC Logr 20190409 224521
Tuesday, 9 Apr, 2019
PSA: A serious bug was discovered in Apache, the web server that powers a lot of the internet. Vulnerability CVE-2019-0211 allows scripts to be executed with root privileges, allowing system takeover especially on shared hosting environments. 🐞☠️
Apache foundation released patched version 2.4.39, so confirm and update (or request an update):
You might need to confirm from your “control panel” in a shared environment. Note that Apache sysadmins can make settings to block these tools from getting any details about the web server. Same caveat applies, but you can also put
<?php phpinfo() ?> in a file like
info.php, then serve and access it.