Discord Server Red Security Twitter Donation to Red Security Red Security Youtube Channel Red Security Tumblr Profile
Windscribe
Login or Register to Hide ads and Accessing all features on the forum
Thread Rating:
  • 5 Vote(s) - 3 Average
  • 1
  • 2
  • 3
  • 4
  • 5
News New Vulnerability Discovered With PHP: NGiNX At Risk
#1
[Image: cyber-crime-technology-hack-feat.jpg]




           A new flaw for PHP servers running NGiNX was discovered, and it could allow attackers to remotely execute arbitrary code on vulnerable web servers. The flaw, is currently designated CVE-2019-11043 is reported to affect websites with various PHP-FPM configurations. The flaw was discovered by Andrew Danau, a security researcher at Wallarm while tracking down bugs at a CTF competition. The bug was then weaponized and utilized as a remote execution access exploit by his two fellow researchs, Omar Ganiev, and Emil Lerner.


      All users are advised to update to PHP 7.3.11 and PHP 7.2.24, even if you aren't running the vulnerable configurations. 


      Original article can be found here.


             That was the news folks, have a good rest of the weekend, and stay safe out there.


       ----Mad-Architect 
01001001 00100000 01000001 01001101 00100000 01011010 01001111 01000100 01001001 01000001 01000011
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
Star News Can Vulnerability Scanning Replace Penetration Testing? News 0 170 08-30-2020, 02:08 AM
Last Post: News
Star News Vulnerability Volume Poised to Overwhelm Infosec Teams News 0 118 08-28-2020, 09:14 AM
Last Post: News
Star News Vulnerability Prioritization: Are You Getting It Right? News 0 850 08-10-2020, 07:33 PM
Last Post: News
Exclamation News Does TikTok Really Pose a Risk to US National Security? Mr.Kurd 0 153 07-25-2020, 10:13 PM
Last Post: Mr.Kurd
Smile News Critical Vulnerability In Bisq Crypto Exchange Exploited For Some Users Mr.Kurd 0 347 04-10-2020, 02:46 PM
Last Post: Mr.Kurd
Rainbow News Vulnerability In WPvivid Backup Plugin Could Expose Files Of WordPress Sites Mr.Kurd 0 321 04-01-2020, 11:11 AM
Last Post: Mr.Kurd
Rainbow News Microsoft Alerts Users Of Zero-Day RCE Vulnerability In Windows 7 Under Active Exploi Mr.Kurd 0 394 03-26-2020, 09:03 AM
Last Post: Mr.Kurd
Thumbs Down News Slack Vulnerability Allowing Account Takeovers Mr.Kurd 0 306 03-17-2020, 08:11 PM
Last Post: Mr.Kurd
Exclamation News A vulnerability that Allows Hackers to Hijack Facebook Accounts Mr.Kurd 0 360 03-04-2020, 07:17 AM
Last Post: Mr.Kurd
Brick News OpenSMTPD Email Server Vulnerability Threatens Many Linux and BSD Systems Mr.Kurd 0 355 03-02-2020, 08:40 PM
Last Post: Mr.Kurd



Users browsing this thread: 1 Guest(s)