Apache Tomcat Spotted with Vulnerabilities
Vulnerabilities in Apache Tomcat, which is regarded as the world's most widely used web application server and is reportedly deployed in over 70 percent of enterprise data centers, were uncovered and patched over the past few weeks. Among these are two remote code execution (RCE) vulnerabilities that allow remote attackers to execute arbitrary code, and one that can be exploited to bypass security constraints and view sensitive information.
Apache Tomcat developers announced the discovery of the most recent bug on October 3. According to the developers, the vulnerability, CVE-2017-12617, affects systems that have the HTTP PUT method enabled, which is done by setting the readonly initialization parameter of the Default servlet to false. CVE-2017-12617 allows attackers to upload a malicious JSP file to a targeted server using a specially crafted request; the server then executes the code in the JSP file when the file is requested. An attacker cannot upload a malicious file if the readonly initialization parameter is set to true, which is Tomcat's default.
Here’s the list of affected versions and the links to their respective fixes:
To mitigate the risk of exploitation, users of the product were advised to upgrade to a later version in which the vulnerability is fixed.
An earlier, similar vulnerability was addressed on September 19, before CVE-2017-12617 emerged; CVE-2017-12617 in fact owes its existence to the incomplete fix for that earlier issue. The earlier vulnerability affected Apache Tomcat versions 7.0.0 to 7.0.79, and users were advised to upgrade to a later, fixed version.
The other vulnerability stems from the use, or misuse, of the VirtualDirContext feature, which should not be used in production environments. It exists only to ease development with IDEs, so that changes can be tested without fully republishing JARs to WEB-INF/lib. Using a specially crafted request, an attacker can bypass security constraints or view the source code of JSPs for resources served by the VirtualDirContext.
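Both preconditions described above (a Default servlet with readonly set to false, and a VirtualDirContext wired into a deployed context) are plain configuration and can be audited offline. The script below is an added example, not code from this article or from the Apache Tomcat project. It assumes the Tomcat parameter name readonly and the Tomcat 7 class name org.apache.naming.resources.VirtualDirContext as documented by the project; the web.xml and context.xml samples are constructed for the demonstration, and the illustrative filesystem path in the context sample is made up.

```python
# Added example (not from the article or the Apache Tomcat project): an offline
# audit of two Tomcat settings the article describes as risky. The parameter
# name "readonly" on the Default servlet and the VirtualDirContext class name
# come from Tomcat's documentation; the XML samples below are constructed.
import xml.etree.ElementTree as ET

DEFAULT_SERVLET_CLASS = "org.apache.catalina.servlets.DefaultServlet"
VIRTUAL_DIR_CONTEXT = "org.apache.naming.resources.VirtualDirContext"

# Constructed sample: conf/web.xml with the Default servlet made writable.
WEAK_WEB_XML = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" version="3.1">
  <servlet>
    <servlet-name>default</servlet-name>
    <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
    <init-param><param-name>debug</param-name><param-value>0</param-value></init-param>
    <init-param><param-name>readonly</param-name><param-value>false</param-value></init-param>
  </servlet>
</web-app>"""

# Constructed sample: the same servlet with no readonly parameter at all.
# Tomcat's default is readonly=true, so this is the safe configuration.
HARDENED_WEB_XML = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" version="3.1">
  <servlet>
    <servlet-name>default</servlet-name>
    <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
    <init-param><param-name>debug</param-name><param-value>0</param-value></init-param>
  </servlet>
</web-app>"""

# Constructed sample: a Tomcat 7 context.xml mapping a development directory in
# through VirtualDirContext (the path is illustrative).
WEAK_CONTEXT_XML = """<Context>
  <Resources className="org.apache.naming.resources.VirtualDirContext"
             extraResourcePaths="/WEB-INF/classes=/home/dev/app/target/classes"/>
</Context>"""

CLEAN_CONTEXT_XML = "<Context/>"


def _local(tag):
    """Drop the '{uri}' prefix ElementTree attaches to namespaced tags (web.xml is namespaced)."""
    return tag.rsplit("}", 1)[-1]


def _child_text(elem, name):
    """Stripped text of the first direct child whose local name is `name`, or None."""
    for child in elem:
        if _local(child.tag) == name:
            return (child.text or "").strip()
    return None


def default_servlet_readonly(web_xml):
    """Effective read-only state of the Default servlet.

    Returns True when PUT/DELETE are refused. A missing readonly parameter
    counts as True because that is Tomcat's default. When the parameter is
    present, Tomcat parses it with Boolean.parseBoolean, so anything other
    than "true" (any case) leaves the servlet writable.
    """
    root = ET.fromstring(web_xml)
    for servlet in root.iter():
        if _local(servlet.tag) != "servlet":
            continue
        if _child_text(servlet, "servlet-class") != DEFAULT_SERVLET_CLASS:
            continue
        for param in servlet:
            if _local(param.tag) == "init-param" and _child_text(param, "param-name") == "readonly":
                return (_child_text(param, "param-value") or "").lower() == "true"
    return True


def uses_virtual_dir_context(context_xml):
    """True if any <Resources> element in context.xml selects VirtualDirContext."""
    root = ET.fromstring(context_xml)
    return any(
        _local(elem.tag) == "Resources" and elem.get("className") == VIRTUAL_DIR_CONTEXT
        for elem in root.iter()
    )


def audit(web_xml, context_xml):
    """Return a list of findings; an empty list means neither risky setting is present."""
    findings = []
    if not default_servlet_readonly(web_xml):
        findings.append("Default servlet is writable (readonly is not 'true'): HTTP PUT is "
                        "enabled, the precondition for CVE-2017-12617")
    if uses_virtual_dir_context(context_xml):
        findings.append("context.xml uses VirtualDirContext, which is meant for "
                        "development only, not production")
    return findings


if __name__ == "__main__":
    for finding in audit(WEAK_WEB_XML, WEAK_CONTEXT_XML):
        print("FINDING:", finding)
    print("hardened:", audit(HARDENED_WEB_XML, CLEAN_CONTEXT_XML))
```

Run it against a real installation by reading conf/web.xml and each deployed context's META-INF/context.xml (or conf/Catalina/localhost/*.xml) into the two arguments of audit(). The parseBoolean detail matters in practice: a value such as `readonly=no` or `readonly=0` does not switch the servlet back to read-only, so the check deliberately treats only a literal `true` as safe.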
Solutions and Mitigations
Attackers generally need network access to a vulnerable server to exploit these flaws remotely, and in the case of CVE-2017-12617 they also need the non-default configuration described above (the Default servlet's readonly parameter set to false). Aside from timely application of patches and confirming that readonly is left at its default of true, users can reduce exposure to threats that exploit Apache Tomcat vulnerabilities by reviewing access to critical systems and ensuring that policies and perimeter security are up to date.
Trend Micro Deep Security and Vulnerability Protection provide virtual patching that protects servers and endpoints from threats that may abuse vulnerabilities. OfficeScan's Vulnerability Protection shields endpoints from identified and unknown vulnerability exploits even before patches are deployed. Trend Micro Deep Discovery provides detection, in-depth analysis, and proactive response to attacks using exploits through specialized engines, custom sandboxing, and seamless correlation across the entire attack lifecycle, allowing it to detect threats that may exploit vulnerabilities even without any engine or pattern update.