Thursday, July 2, 2020
Home Lead Story Hackers Using Bug in PHP7 to Hijack Web Servers

Hackers Using Bug in PHP7 to Hijack Web Servers

The vulnerability only impacts servers using the NGINX web server with the PHP-FPM extension and users who are unable to update their PHP install can mitigate the problem by setting a rule within the standard PHP ModSecurity firewall

Russia-based security researcher Emil ‘Neex Lerner has disclosed a remote-code execution vulnerability in PHP 7 – the newest iteration of the massively widespread net growth language used by hackers.

PHP is a server side scripting language that is used to develop static websites, dynamic websites or web applications. It forms the basis of popular content management systems like WordPress, Drupal, as well as Facebook (kinda). Due to this, it is a huge deal whenever someone wants to identify a security vulnerability within it.

With this vulnerability, which has the CVE-ID of 2019-11043, an attacker may drive a distant net server to execute their very own arbitrary code just by accessing a crafted URL. The attacker only needs to add “?a=” to the website address, followed by their payload, The Next Web (TNW) reported on Sunday.

hacker
The hackers “exploited flaws on at least three of the organisation’s chapter websites – which we’re not naming – and downloaded the contents of each web server,” the report said. Pixabay

As per the report, this attack drastically lowers the barrier to entry for hacking a website which even a non-technical user could abuse.

Also Read: Reportedly, Sony Plans to sell off PlayStation Vue Streaming Service

The vulnerability only impacts servers using the NGINX web server with the PHP-FPM extension and users who are unable to update their PHP install can mitigate the problem by setting a rule within the standard PHP ModSecurity firewall. (IANS)

STAY CONNECTED

19,004FansLike
362FollowersFollow
1,779FollowersFollow

Most Popular

Covid-19 Conspiracy Theories Amplified by Social Media

People who get most of their news from social media like Facebook and YouTube are much more likely to believe conspiracy theories about the...

COVID-19 Accelerating Worldwide : WHO

The World Health Organization says 60 percent of the world’s 10 million COVID-19 cases since December came in the month of June – a...

Doctors Talk About Challenges they Face During the Pandemic

The year 2020 belongs to doctors and the healthcare workers who are risking their lives to fight the lethal, invisible virus Covid-19. While India...

Travel Virtually To These Places Amidst Lockdown

Travel is one of the most rewarding and enriching adventures one can indulge in. Every year, travel enthusiasts from across the world plan their...

Sustainable Kitchen Herb Gardening and it’s Benefits

Your small choice of starting a kitchen herb garden or nurturing the gardening habit can lead you to join the fight against global warming....

Covid-19 Infected Patients’ Blood Can Tell Severity Of Illness

Clinicians can examine Covid-19 patients' blood to identify those at greatest risk of severe illness and to pinpoint those most likely to need a...

While Covid-19 Continues, Don’t Forget Virus with Pandemic Potential

Don't panic, but there is another virus out there that could cause a pandemic. This one is an influenza strain circulating in pigs and...

SARS-CoV-2 Can Directly Infect Heart Cells of Covid-19 Patients

A team of US scientists, led by an Indian-origin researcher revealed that SARS-CoV-2 (coronavirus), the virus behind Covid-19, can infect heart cells in a...

Recent Comments