|
|
|||
| Rule General Information |
|---|
| Release Date: | 2018-11-20 | |
| Rule Name: | MISC Apache Struts 2 Commons FileUpload Insecure Deserialization Vulnerability -1 (CVE-2016-1000031) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | An insecure deserialization vulnerability has been reported in Apache Struts 2. This vulnerability is due to Apache Struts 2 having a dependency on a vulnerable version of Commons FileUpload. This affects Struts 2.3.36 and prior. | |
| Impact: | A remote attacker can exploit this vulnerability by sending a specially crafted serialized objects to an application using Apache Struts 2 that also has a suitable attack vector. Successful exploitation can result in arbitrary file upload withing the security context of the target application. | |
| Affected OS: | Network Device, Solaris, FreeBSD, Windows, Mac OS, iOS, Other Unix, Linux, Others, Android | |
| Reference: | http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html SecurityFocusBID:93604 ZeroDayInitiative:ZDI-16-570 https://issues.apache.org/jira/browse/FILEUPLOAD-279 https://issues.apache.org/jira/browse/WW-4812 https://lists.apache.org/thread.html/d66657323fd25e437face5e84899c8ca404ccd187e81c3f2fa8b6080@%3Cannounce.apache.org%3E https://www.tenable.com/security/research/tra-2016-12 https://www.tenable.com/security/research/tra-2016-23 https://www.tenable.com/security/research/tra-2016-30 http://mail-archives.us.apache.org/mod_mbox/www-announce/201811.mbox/%3CCAMopvkMo8WiP%3DfqVQuZ1Fyx%3D6CGz0Epzfe0gG5XAqP1wdJCoBQ%40mail.gmail.com%3E |
|
| Solutions |
|---|
| The Apache Struts Team recommends to immediately upgrade your Struts 2.3.36 based projects to use the latest released version of Commons FileUpload library, which is currently 1.3.3. This is necessary to prevent your publicly accessible web site from being exposed to possible Remote Code Execution attacks. |