ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Apache Struts Exploit

    Scheduled Pinned Locked Moved IT Discussion
    apacheweb serverlinuxsecurity
    1 Posts 1 Posters 732 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • stacksofplatesS
      stacksofplates
      last edited by stacksofplates

      https://arstechnica.com/security/2017/03/in-the-wild-exploits-ramp-up-against-high-impact-sites-using-apache-struts/

      The vulnerability resides in what's known as the Jakarta file upload multipart parser, which according to official Apache Struts 2 documentation is a standard part of the framework and needs only a supporting library to function. Apache Struts versions affected by the vulnerability include Struts 2.3.5 through 2.3.31 and 2.5 through 2.5.10. Servers running any of these versions should upgrade to 2.3.32 or 2.5.10.1 immediately.

      1 Reply Last reply Reply Quote 0
      • 1 / 1
      • First post
        Last post