CVE-2019-0211: privilege escalation vulnerability in Apache HTTP service component

On April 1, version 2.4.39 of the open source software Apache was released. It fixed a privilege escalation vulnerability, CVE-2019-0211, and a mod_auth_digest access control bypass vulnerability, CVE-2019-0217. According to analysis of CVE-2019-0211, the impact of the vulnerability is serious: an attacker who can write a script (PHP, CGI, ...) can directly gain root privileges on the target system. Apache versions 2.4.17 to 2.4.38 on *nix platforms are affected.

The specific vulnerability information of CVE-2019-0211 is as follows:

“In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.”

The specific vulnerability information of CVE-2019-0217 is as follows:

“In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions.”

Affected versions

  • CVE-2019-0211
    Apache HTTP Server 2.4.38, 2.4.37, 2.4.35, 2.4.34, 2.4.33, 2.4.30, 2.4.29, 2.4.28, 2.4.27, 2.4.26, 2.4.25, 2.4.23, 2.4.20, 2.4.18, 2.4.17
  • CVE-2019-0217
    2.4.38, 2.4.37, 2.4.35, 2.4.34, 2.4.33, 2.4.30, 2.4.29, 2.4.28, 2.4.27, 2.4.26, 2.4.25, 2.4.23, 2.4.20, 2.4.18, 2.4.17, 2.4.16, 2.4.12, 2.4.10, 2.4.9, 2.4.7, 2.4.6, 2.4.4, 2.4.3, 2.4.2, 2.4.1, 2.4.0

Solution

Update to Apache httpd 2.4.39
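
To triage hosts before updating, the following added example (not part of the original advisory or of the Apache project's code) checks an `httpd -v` line or `Server` header against the version ranges stated above. The function names, the "(Win32)"/"(Win64)" platform-tag heuristic and the sample banners are assumptions constructed for illustration.

```python
import re

# Inclusive version ranges as stated in this advisory.
AFFECTED = {
    "CVE-2019-0211": ((2, 4, 17), (2, 4, 38)),
    "CVE-2019-0217": ((2, 4, 0), (2, 4, 38)),
}
UNIX_ONLY = {"CVE-2019-0211"}  # "Non-Unix systems are not affected."

# Matches e.g. "Apache/2.4.29 (Ubuntu)" in `httpd -v` output or a Server header.
_BANNER = re.compile(r"Apache/(\d+)\.(\d+)\.(\d+)(?:\s*\(([^)]*)\))?")


def parse_banner(text):
    """Return ((major, minor, patch), platform_tag) from a banner string."""
    m = _BANNER.search(text)
    if m is None:
        # e.g. "Server: Apache" when the version is hidden from the header
        raise ValueError("no Apache/x.y.z token found")
    version = tuple(int(part) for part in m.group(1, 2, 3))
    return version, (m.group(4) or "")


def assess(banner):
    """Return {cve_id: verdict} for one banner string."""
    version, platform = parse_banner(banner)
    # Assumption: Windows builds carry a "(Win32)" or "(Win64)" tag.
    non_unix = platform.lower().startswith("win")
    verdicts = {}
    for cve, (low, high) in AFFECTED.items():
        if not low <= version <= high:
            verdicts[cve] = "outside affected range"
        elif cve in UNIX_ONLY and non_unix:
            verdicts[cve] = "not affected (non-Unix)"
        else:
            verdicts[cve] = "in affected range"
    return verdicts


if __name__ == "__main__":
    # Constructed sample banners, not taken from real hosts.
    for sample in ("Server version: Apache/2.4.29 (Ubuntu)",
                   "Server: Apache/2.4.38 (Win64)",
                   "Server: Apache/2.4.10 (Debian)",
                   "Server version: Apache/2.4.39 (Unix)"):
        print(sample, "->", assess(sample))
```

A distribution package whose banner falls in range may already carry a backported fix, so confirm an "in affected range" result against the vendor's own advisory for that package.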