Ghostcat (CVE-2020-1938) is a vulnerability in Apache Tomcat versions 6.x, 7.x, 8.x and 9.x that allows remote code execution in some circumstances. It was fixed in Tomcat 9.0.31, 8.5.51 and 7.0.100; the 6.x branch is end-of-life and received no fix.

Apache Tomcat ships with the AJP connector, which in affected versions is enabled by default and listens on all addresses on port 8009. Tomcat treats an AJP connection as more trusted than an HTTP connection, so an attacker who can reach that port can perform actions that were never intended to be available to an untrusted user.

Ghostcat lets an attacker retrieve arbitrary files from anywhere in the web application, including the `WEB-INF` and `META-INF` directories and any other location reachable via ServletContext.getResourceAsStream(). It also lets the attacker have any file in the web application processed as a JSP.

Remote code execution is not possible by default. If an application running on an affected version of Tomcat also contains a file upload vulnerability, an attacker can chain it with Ghostcat to achieve remote code execution. For that chain to work, the attacker must be able to save the uploaded files under the document root and must be able to reach the AJP port directly from outside the target's network.

What makes Ghostcat a severe vulnerability?

The popularity of Apache Tomcat is what makes this vulnerability severe. More than 1 million actively reachable servers on the internet are running Apache Tomcat. The vulnerability is present in every version of Tomcat released in the last 13 years (6.x/7.x/8.x/9.x), and it affects Tomcat's default configuration: the AJP connector is enabled out of the box on every affected Tomcat server and listens on port 8009, so many servers may be vulnerable to attacks directly from the internet.

The availability of public exploits makes it easy for malicious actors to launch attacks:

The Black Duck Security Advisory for the Ghostcat vulnerability suggests the following workaround:
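The advisory text itself is not reproduced on this page. What follows is an added example, written for this post and not taken from the original article, from Black Duck, or from the Tomcat project: a small Python audit that parses a `server.xml` and flags AJP connectors configured the way the pre-fix default was (bound to every interface, no shared secret). The two `server.xml` snippets are constructed samples; the connector attributes `address`, `secretRequired` and `secret` are the ones Tomcat's fixed releases use (`requiredSecret` is the older spelling), and the script treats a missing `address` as "all interfaces", which is correct for affected versions and merely conservative on fixed ones, where the default became loopback.

```python
"""Audit a Tomcat server.xml for AJP connectors exposed the way the
pre-Ghostcat default was. Added example; standard library only."""
import xml.etree.ElementTree as ET

# Constructed sample: the AJP connector as it shipped, uncommented,
# in server.xml before the fix (no address, no secret).
VULNERABLE_SERVER_XML = """<?xml version="1.0" encoding="UTF-8"?>
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
    <Engine name="Catalina" defaultHost="localhost">
      <Host name="localhost" appBase="webapps" />
    </Engine>
  </Service>
</Server>
"""

# Constructed sample: the same connector bound to loopback and requiring
# a shared secret (attribute names from the fixed 9.0.31+/8.5.51+ releases).
HARDENED_SERVER_XML = """<?xml version="1.0" encoding="UTF-8"?>
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />
    <Connector port="8009" protocol="AJP/1.3" address="127.0.0.1"
               secretRequired="true" secret="replace-with-a-long-random-value"
               redirectPort="8443" />
    <Engine name="Catalina" defaultHost="localhost">
      <Host name="localhost" appBase="webapps" />
    </Engine>
  </Service>
</Server>
"""

# Wildcard binds; a missing address attribute is treated the same way.
ALL_INTERFACES = {"0.0.0.0", "::", "0:0:0:0:0:0:0:0"}


def audit_ajp_connectors(server_xml):
    """Return one finding per AJP connector found in the server.xml text.

    'exposed' is True when the connector listens on all interfaces and no
    secret is configured, i.e. the combination Ghostcat relies on.
    """
    root = ET.fromstring(server_xml)
    findings = []
    for conn in root.iter("Connector"):
        # AJP is selected either by "AJP/1.3" or by a full class name such
        # as org.apache.coyote.ajp.AjpNioProtocol; both contain "ajp".
        protocol = conn.get("protocol", "HTTP/1.1")
        if "ajp" not in protocol.lower():
            continue
        address = conn.get("address")
        bound_to_all = address is None or address in ALL_INTERFACES
        # 'secret' is the current attribute; 'requiredSecret' the older one.
        secret = conn.get("secret") or conn.get("requiredSecret")
        findings.append({
            "port": int(conn.get("port", "8009")),
            "address": address or "all interfaces",
            "secret_configured": bool(secret),
            "exposed": bound_to_all and not secret,
        })
    return findings


def has_exposed_ajp(server_xml):
    """True if any AJP connector in the file is exposed (see above)."""
    return any(f["exposed"] for f in audit_ajp_connectors(server_xml))


if __name__ == "__main__":
    for label, xml_text in (("vulnerable default", VULNERABLE_SERVER_XML),
                            ("hardened", HARDENED_SERVER_XML)):
        print(label, audit_ajp_connectors(xml_text))
```

Point `audit_ajp_connectors` at the real `conf/server.xml` of a deployment to get the same findings; an AJP connector that is not needed at all (no reverse proxy speaking AJP in front of Tomcat) is best commented out rather than merely bound to loopback.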