Get a Pentest and security assessment of your IT network.

Cyber Security

New PHP Flaw Could Let Attackers Hack Sites Running On Nginx Servers

A newly disclosed vulnerability could allow unauthorized attackers to hack your website server remotely. The main vulnerability is an “env_path_info” underflow memory corruption issue in the PHP-FPM module. The vulnerability was spotted by Andrew Danau, a security researcher at Wallarm while hunting for bugs in a Capture The Flag competition, which was then weaponized by two fellow researchers to develop a fully working remote code execution exploit. Users are strongly advised to update the latest PHP 7 and PHP 7.21124.

Source: https://thehackernews.com/2019/10/nginx-php-fpm-hacking.html

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation