Apache Httpd 2.4.18 Exploit [best] -

During a "graceful" restart ( apache2ctl graceful ), the main process accesses this SHM to relocate "buckets."

: The module failed to verify the integrity of encrypted session data before decryption. Because it used CBC (Cipher Block Chaining) mode without authenticated encryption, it was susceptible to a Padding Oracle Attack apache httpd 2.4.18 exploit

Better yet, so that a compromise is bounded. During a "graceful" restart ( apache2ctl graceful ),

Historically, this version was notably susceptible to several distinct types of attacks: CVE-2016-1546 Detail - NVD apache httpd 2.4.18 exploit