Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 19 Sep 2017 14:06:38 +0100
From: Mark Thomas <markt@...che.org>
To: oss-security@...ts.openwall.com
Subject: [SECURITY] CVE-2017-12615 Apache Tomcat Remote Code Execution via JSP
 upload

CVE-2017-12615 Apache Tomcat Remote Code Execution via JSP Upload

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:
Apache Tomcat 7.0.0 to 7.0.79

Description:
When running on Windows with HTTP PUTs enabled (e.g. via setting the
readonly initialisation parameter of the Default to false) it was
possible to upload a JSP file to the server via a specially crafted
request. This JSP could then be requested and any code it contained
would be executed by the server.

Mitigation:
Users of the affected versions should apply one of the following
mitigations:
- Upgrade to Apache Tomcat 7.0.81 or later (7.0.80 was not released)

Credit:
This issue was reported responsibly to the Apache Tomcat Security Team
by iswin from 360-sg-lab (360观星实验室)

History:
2017-09-19 Original advisory

References:
[1] http://tomcat.apache.org/security-7.html

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ