UPDATE NOW: Vulnerability in Apache HTTP Server 2.4.49 Allows Files Outside of the Site Root to be Retrieved

October 7, 2021 | by Arround The Web | No comments

UPDATE NOW: Vulnerability in Apache HTTP Server 2.4.49 Allows Files Outside of the Site Root to be Retrieved

A matter of urgency generated an update of http-server Apache 2.4.50, which eliminated an already actively exploited 0-day vulnerability (CVE-2021-41773 ), allowing you to access your files from areas outside the site root. The vulnerability can be used to load arbitrary system files and source texts of web scripts that are readable by the user under which the HTTP server is running. The developers were notified of the problem on September 17 but were able to release the update only today, after cases of using the vulnerability to attack sites were recorded on the network.

The post UPDATE NOW: Vulnerability in Apache HTTP Server 2.4.49 Allows Files Outside of the Site Root to be Retrieved appeared first on Linux Today.

Source: Linux Today

UPDATE NOW: Vulnerability in Apache HTTP Server 2.4.49 Allows Files Outside of the Site Root to be Retrieved

Leave a Reply Cancel reply