Java Server Vulnerability

Dangerous Zero Day exploits for a java server vulnerability, which can be found in WebLogic, WebSphere, JBoss, Jenkins and OpenNMS demonstrate, that java-applications on servers are also not secure by default. The origin of this vulnerability can be found in the Common Collections Library.

Stephen Breen published examples to exploit a vulnerability in Java server-applications. The worste part of all, the vulnerabilities were reported 9 months ago.

These vulnerabilities can be used to execute code on remote servers, no authentication is required to do so.

java_vulnerabilities

The Common Collections Library is often used in a variety of Java-applications. The applications listed in the beginning of this article are only an example, because they are well known, more then only these applications are vulnerable.

No finished patches available yet

One approach is to use

Code:
grep -Rl InvokerTransformer .

This lists where the vulnerable class is used. You can also manually remove it by opening the java-archiv and delete:

org/apache/commons/collections/functors/InvokerTransformer.class

More details on all of this can be found @ http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/

 

Source: http://www.heise.de/security/meldung/Zero-Day-Alarm-fuer-viele-Server-mit-Java-2913605.html

No Responses

Leave a Reply

Your email address will not be published.

Powered by themekiller.com