Ars Technica

apache and 'root'

Only privileged processes can bind to ports < 1024. So apache has to start as root if you want to run on port 80. It runs perfectly fine on high ports as a normal user.
Bleeping Computer

Apache Bug Lets Normal Users Gain Root Access Via Scripts

A privilege escalation vulnerability of important severity in the Apache HTTP server allowing users with the right to write and run scripts to gain root on Unix systems was fixed in Apache httpd ...
ZDNet

Apache web server bug grants root access on shared hosting environments

This week, the Apache Software Foundation has patched a severe vulnerability in the Apache (httpd) web server project that could --under certain circumstances-- allow rogue server scripts to execute ...
Linux Journal

Apache Bug Lets Attackers Gain Root Access

Apache HTTP web server users are being urged to update their servers to patch for a critical vulnerability that could give an attacker a way to gain root access. Researcher Charles Fol discovered the ...