apache root 0day
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apache2 (Ubuntu) |
Expired
|
Undecided
|
Unassigned |
Bug Description
there is an apache zero day out there, I have been trying to report for some time. may affect upstream debian code also. Nasa got hit, dreamhost got hit, potentially others also.
what happens is the attacker gains root or escalation priviledges somehow and gets to muck up the htaccess file. as a result the server refuses to load the config and throws 500 in peoples faces instead.
Note that I used geany and leafpad when editing. there is no way to drop sequences of line numbers into this file by blind accident.
This however did occur.
It is possible also to override file permissions ie access permissions in ways to break wordpress setups. There is no easy fix for this once it occurs and very upsetting to WP users. As a result I have dropped it.
Im not sure what causes the zero-day. grsec patches are used but dated and will not build for recent kernels, rather break them.
Do you have any details on what the issue is, or what the fix is?