Apache Httpd 2.4.18 Exploit May 2026

Understanding the Risks of Apache httpd 2.4.18

Apache httpd version 2.4.18, released in late 2015, remains common in legacy environments, most notably as the default version in Ubuntu 16.04 LTS (Xenial Xerus).


Users often search for an RCE exploit for 2.4.18. While there is no widely known, direct "unauthenticated RCE" that works on a default configuration, version 2.4.18 is frequently targeted in Local Privilege Escalation (LPE) chains.

This vulnerability affects the way Apache handles the LIMIT directive in .htaccess files.

The Issue: Version 2.4.18 was one of the early adopters of the mod_http2 module. A flaw in how it handled request headers allowed attackers to cause a Denial of Service (DoS) by sending specially crafted HTTP/2 requests that would crash the server process.

LPE Exploit Snippet (Conceptual)

Using a simple C program, an attacker on a compromised host can locate the Apache scoreboard:

Exploitation: Attackers typically overwrite function pointers in the shared memory to execute arbitrary code with root authority.
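A defender-side exposure check for the risk areas described above, as an added example that is not part of the original page: it flags a 2.4.18 banner, an enabled mod_http2, and .htaccess files that use Limit sections. The banner, configuration and .htaccess text are constructed samples, and the function names are hypothetical; a banner version alone does not prove a host is vulnerable, because distributions backport fixes without changing the upstream version string.

```python
import re

# Constructed sample inputs (not taken from a real host).
SAMPLE_BANNER = "Apache/2.4.18 (Ubuntu)"
SAMPLE_CONF = """\
LoadModule http2_module modules/mod_http2.so
# LoadModule status_module modules/mod_status.so
Protocols h2 http/1.1
"""
SAMPLE_HTACCESS = """\
<Limit GET POST>
    Require all granted
</Limit>
"""

def active_lines(text):
    """Return stripped, non-empty lines, skipping '#' comment lines."""
    lines = (ln.strip() for ln in text.splitlines())
    return [ln for ln in lines if ln and not ln.startswith("#")]

def audit(banner, conf, htaccess_files):
    """Return a sorted list of findings for version, HTTP/2 and Limit usage."""
    findings = set()
    # Version as reported by the Server header or `apache2 -v` output.
    m = re.search(r"Apache/(\d+)\.(\d+)\.(\d+)", banner)
    if m and tuple(map(int, m.groups())) == (2, 4, 18):
        findings.add("version: banner reports 2.4.18 (check distro patch level)")
    # HTTP/2 is reachable only if the module is loaded and a protocol enabled.
    for ln in active_lines(conf):
        if re.match(r"LoadModule\s+http2_module\b", ln, re.I):
            findings.add("http2: mod_http2 is loaded")
        if re.match(r"Protocols\b.*\bh2c?\b", ln, re.I):
            findings.add("http2: HTTP/2 enabled via Protocols")
    # htaccess_files maps a path to that file's text.
    for path, text in htaccess_files.items():
        if any(re.match(r"<Limit(Except)?\b", ln, re.I)
               for ln in active_lines(text)):
            findings.add(f"htaccess: {path} uses a Limit section")
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit(SAMPLE_BANNER, SAMPLE_CONF,
                         {"/var/www/html/.htaccess": SAMPLE_HTACCESS}):
        print(finding)
```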