Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Apache Struts users have to update FileUpload library to fix years-old flaws

Apache Struts Users have to update the Commons FileUpload library in Struts 2 that is affected by two vulnerabilities. Apache Struts developers have addressed two vulnerabilities in the Commons FileUpload library in Struts 2, the flaws can be exploited for remote code execution and denial-of-service (DoS) attacks. “Apache today released an advisory, urging users who run Apache Struts 2.3.x to […]

Apache Struts users have to update FileUpload library to fix years-old flaws

Apache Struts Users have to update the Commons FileUpload library in Struts 2 that is affected by two vulnerabilities.

Apache Struts developers have addressed two vulnerabilities in the Commons FileUpload library in Struts 2, the flaws can be exploited for remote code execution and denial-of-service (DoS) attacks.

“Apache today released an advisory, urging users who run Apache Struts 2.3.x to update the commons-fileupload component [1]. Struts 2.3.x uses by default the old 1.3.2 version of commons-fileupload. In November of 2016, a deserialization vulnerability was disclosed and patched in commons-fileupload [2]. The vulnerability can lead to arbitrary remote code execution.” states the SANS Institute.

“You are vulnerable if you run Struts 2.3.x, and if your site makes use of the file upload mechanism built into Struts. You are not vulnerable if you are running Struts 2.5.x. This newer version of Struts includes a patched commons-fileupload component.”

The Commons FileUpload library is the default file upload mechanism in Struts 2, it is affected by a critical remote code execution vulnerability tracked as CVE-2016-1000031.

CVE-2016-1000031 was discovered two years ago by experts at Tenable and it was addressed with the Commons FileUpload version 1.3.3 in June 2017.

“There exists a Java Object in the Apache Commons FileUpload library that can be manipulated in such a way that when it is deserialized, it can write or copy files to disk in arbitrary locations.stated Tenable in the security advisory.

“Furthermore, while the Object can be used alone, this new vector can be integrated with ysoserial to upload and execute binaries in a single deserialization call,” 

Struts versions after 2.5.12 are already using version 1.3.3 of the library, while users have to manually update applications using Struts 2.3.36 and earlier by replacing the commons-fileupload JAR file in WEB-INF/lib with the patched version.

Commons FileUpload library Version 1.3.3 also addressed a DoS vulnerability, tracked as CVE-2014-0050, that was discovered in 2014, the issue was first patched in February 2014 with the release of version 1.3.1.

An attacker could exploit the flaw to trigger a DoS condition on publicly accessible sites.

“The Apache Struts Team recommends to immediately upgrade your Struts 2.3.36 based projects to use the latest released version of Commons FileUpload library, which is currently 1.3.1. This is necessary to prevent your publicly accessible web site from being exposed to possible DoS attacks [1] [2].” states the security advisory.

Summarizing, users have to check that their installs don’t use the vulnerable library.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Apache Struts, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]