apache root 0day
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| apache2 (Ubuntu) |
Expired
|
Undecided
|
Unassigned | ||
Bug Description
there is an apache zero day out there, I have been trying to report for some time. may affect upstream debian code also. Nasa got hit, dreamhost got hit, potentially others also.
what happens is the attacker gains root or escalation priviledges somehow and gets to muck up the htaccess file. as a result the server refuses to load the config and throws 500 in peoples faces instead.
Note that I used geany and leafpad when editing. there is no way to drop sequences of line numbers into this file by blind accident.
This however did occur.
It is possible also to override file permissions ie access permissions in ways to break wordpress setups. There is no easy fix for this once it occurs and very upsetting to WP users. As a result I have dropped it.
Im not sure what causes the zero-day. grsec patches are used but dated and will not build for recent kernels, rather break them.
| Marc Deslauriers (mdeslaur) wrote | #1 |
| affects: | systemd (Ubuntu) → apache2 (Ubuntu) |
| information type: | Private Security → Public Security |
| Changed in apache2 (Ubuntu): | |
| status: | New → Incomplete |
| Launchpad Janitor (janitor) wrote | #2 |
| Changed in apache2 (Ubuntu): | |
| status: | Incomplete → Expired |
Do you have any details on what the issue is, or what the fix is?