Vipengele vya PHP vinavyoweza kutekelezwa

Angalia vipengele ambavyo Apache server inatekeleza. Unaweza kuyatafuta kwa kutekeleza:

grep -R -B1 "httpd-php" /etc/apache2

Pia, maeneo kadhaa ambapo unaweza kupata usanidi huu ni:

/etc/apache2/mods-available/php5.conf
/etc/apache2/mods-enabled/php5.conf
/etc/apache2/mods-available/php7.3.conf
/etc/apache2/mods-enabled/php7.3.conf

CVE-2021-41773

Description

CVE-2021-41773 is a vulnerability in the Apache HTTP Server that allows remote attackers to execute arbitrary code or disclose sensitive information. This vulnerability affects Apache versions 2.4.49 and prior.

Exploitation

To exploit this vulnerability, an attacker can send a specially crafted HTTP request to the vulnerable server. By including a directory traversal sequence in the request, the attacker can access files outside of the server's document root directory.

Impact

The impact of this vulnerability can be severe. An attacker can potentially gain unauthorized access to sensitive files, such as configuration files, user data, or even execute arbitrary code on the server.

Mitigation

To mitigate this vulnerability, it is recommended to upgrade to Apache version 2.4.50 or later. Additionally, it is advised to implement proper access controls and restrict access to sensitive files and directories.

References

• CVE-2021-41773 - Apache HTTP Server Directory Traversal Vulnerability

• Apache HTTP Server

curl http://172.18.0.15/cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh --data 'echo Content-Type: text/plain; echo; id; uname'
uid=1(daemon) gid=1(daemon) groups=1(daemon)
Linux