CVE-2021-45105


A vulnerability has been discovered in the Apache HTTP Server that could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability is due to a flaw in the way the Apache HTTP Server processes certain requests. An attacker could exploit this vulnerability by submitting a specially crafted request to the server. A successful exploit could allow the attacker to execute arbitrary code with root privileges on the targeted system.

Apache has released a patch for this vulnerability. Administrators are encouraged to apply the patch as soon as possible.

US-CERT recommends that users take the following actions to protect themselves from this vulnerability:

1. Apply the patch released by Apache.

2. Restrict access to the Apache HTTP Server to trusted users.

3. Monitor affected systems for signs of activity associated with this vulnerability.

4. Use a tool such as Wireshark to monitor network traffic for malicious activity.

5. Cooperate with authorities and report any signs of exploitation.


Affected Versions

Apache Struts versions 2.5.31 to 2.5.34 are affected by an RCE vulnerability caused by improper handling of namespace values in XML configurations that use wildcard mappings with certain action tag attributes in conjunction with an incompatible DefaultActionMapper (CVE-2021-45105). In order for an attacker to exploit this vulnerability, they must be able to control the contents of the “class” attribute of an action tag configuration used by a Struts application – something that is not possible unless they have a privileged position within the organization that controls the application or can somehow influence application developers working on the target application.

Mitigation

There is no fix for this issue at the time of this writing. However, users of affected versions can mitigate the risk of exploitation by:

– Restricting access to XML configuration files to trusted users only

– Disabling wildcard mapping in XML configuration files (if possible)

– Using a different action tag attribute in XML configuration files (e.g. “name” instead of “class”)

– Upgrading to a non-affected version of Apache Struts (2.5.35 or later) as soon as one becomes available

A remote code execution vulnerability (a.k.a. PwnStruts) has been identified in Apache Struts 2.5.31 through 2.5.34. It can be exploited when namespace values used with wildcard mappings in XML configuration files are not handled properly. The vulnerability exists due to the way the Struts 2 ActionMapper handles namespace values. A remote attacker can exploit this by sending a specially crafted request that contains an action tag with a wildcard mapping and an incompatible DefaultActionMapper. This will cause the application to use an uninitialized value for the class name, which can be exploited to execute arbitrary code on the server.
