Apache
실행 가능한 PHP 확장자
Apache 서버에서 실행 중인 확장자를 확인하세요. 검색하려면 다음을 실행할 수 있습니다:
또한, 이 구성을 찾을 수 있는 몇 가지 장소는 다음과 같습니다:
CVE-2021-41773
Description
Apache HTTP Server 2.4.49 and prior versions are vulnerable to a path traversal attack, which allows an attacker to access files outside of the web root directory. This vulnerability can be exploited by sending a specially crafted HTTP request to the server.
Impact
By exploiting this vulnerability, an attacker can gain unauthorized access to sensitive files on the server. This can lead to the exposure of sensitive information, such as configuration files, credentials, or other sensitive data.
Exploitation
To exploit this vulnerability, an attacker can send a GET request with a specially crafted path to the server. By manipulating the path parameter, the attacker can traverse directories and access files outside of the web root directory.
Mitigation
To mitigate this vulnerability, it is recommended to upgrade to Apache HTTP Server version 2.4.50 or later. Additionally, it is advised to implement proper input validation and sanitization to prevent path traversal attacks. Regular security updates and monitoring should also be performed to detect and mitigate any potential attacks.
Last updated