The symlink race condition vulnerability
I'm running Webhost manager on Ubuntu 20.4 (cpanel's supported version) but I only have the "BlueHost version" to patch this vulnerability. Cloudlinux has several methods, Is there a fix on the way from cPanel for this issue?
-
This is what it says: The Bluehost patch improves Apache"s ability to detect a race condition. The Bluehost patch modifies Apache and the Apache Portable Runtime (APR) library so that Apache cannot access certain files. It's my only option to patch it in Web Host Manager. But it says it's not optimal for patching it. 0 -
Security Advisor says this: Apache Symlink Protection: the Bluehost provided Apache patch is in effect It appears that the Bluehost provided Apache patch is being used to provide symlink protection. This is less than optimal. 0 -
@agnelp - I'm not sure I see a question in your reply - is there a specific issue you are having with the system? 0
Please sign in to leave a comment.
Comments
6 comments