CVE-2019-0211

HIGH KEV RANSOMWARE

Apache HTTP Server < 2.4.38 - Use After Free

Description

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.

Exploits (4)

nomisec WORKING POC 11 stars
by ozkanbilge · local
https://github.com/ozkanbilge/Apache-Exploit-2019

github WORKING POC 1 star
by vaishakhcv · perlpoc
https://github.com/vaishakhcv/CVE-exploits/tree/master/CVE-2019-0211

github WORKING POC
by winterwolf32 · perlpoc
https://github.com/winterwolf32/CVE_Exploits-/tree/master/CVE-2019-0211

exploitdb WORKING POC
by cfreal · phplocallinux
https://www.exploit-db.com/exploits/46676

Scores

CVSS v3 7.8
EPSS 0.8945
EPSS Percentile 99.5%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitation Intel

CISA KEV 2021-11-03
VulnCheck KEV 2021-11-03
InTheWild.io 2021-07-23
ENISA EUVD EUVD-2019-1002
Ransomware Use Confirmed

Classification

CWE CWE-416
Status published

Affected Products (50)

apache/http_server < 2.4.38
fedoraproject/fedora
fedoraproject/fedora
fedoraproject/fedora
canonical/ubuntu_linux
canonical/ubuntu_linux
canonical/ubuntu_linux
canonical/ubuntu_linux
debian/debian_linux
opensuse/leap
opensuse/leap
netapp/oncommand_unified_manager
redhat/jboss_core_services
redhat/openshift_container_platform
redhat/openshift_container_platform_for_power
... and 35 more

Timeline

Published Apr 08, 2019
KEV Added Nov 03, 2021
Tracked Since Feb 18, 2026