---

Testing CVE-2019-11043 (php-fpm security vulnerability) with LXD system containers

CVE-2019-11043 is a buffer overflow in php-fpm that under certain conditions, can lead to remote execution. There is an exploit at PHuiP-FPizdaM that targets certain nginx and php-fpm configurations. On their page, they describe how to use Docker to test this exploit. In this post, we use LXD to test the exploit and verify whether it actually works.

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis