info
Bugtraq ID: 100609
Class: Input Validation Error
CVE: CVE-2017-9805
Remote: Yes
Local: No
Published: Sep 05 2017 12:00AM
Updated: Sep 05 2017 12:00AM
Credit: Man Yue Mo
Vulnerable: Apache Struts 2.5.9
Apache Struts 2.5.8
Apache Struts 2.5.7
Apache Struts 2.5.6
Apache Struts 2.5.5
Apache Struts 2.5.4
Apache Struts 2.5.3
Apache Struts 2.5.2
Apache Struts 2.5.12
Apache Struts 2.5.11
Apache Struts 2.5.10
Apache Struts 2.5.1
Apache Struts 2.5
Not Vulnerable: Apache Struts 2.5.13
discussion
Apache Struts is prone to a remote code-execution vulnerability.
Successfully exploiting this issue may allow an attacker to execute
arbitrary code in the context of the affected application. Failed
exploit attempts will likely result in denial-of-service conditions.
Apache Struts 2.5 through 2.5.12 are vulnerable.
exploit
script exploit
References
[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5638
[2] https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/
[3] https://cwiki.apache.org/confluence/display/WW/S2-045
04day is AN formidable multimedia system effort supported in 2011 to look at however technology can modification life within the future for an enormous thought audience.
Our original editorial insight was that technology had migrated from the so much fringes of the culture to absolutely the center as mobile technology created a replacement generation of digital shoppers. Now, we tend to board a stunning world of screens that has ushered in revolutions in media, transportation, and science. The longer term is incoming quicker than ever.
04day is that the go-to supply for school, digital culture and diversion content for its dedicated and cogent audience around the globe
No comments:
Post a Comment