Vulnerability Struts2 + Classloader + How to play

Question

Vulnerability Struts2 + Classloader + How to play

How to Reproduce Security Problem CVE-2014-0094 . I googled, but could not find a link to the same.

+3

security classloader struts2

param83 Apr 28 '14 at 12:36

source share

3 answers

, Struts2 Security Bulletins.

, , S2-020 , Struts 2.3.16.1.
: , S2-021, ( , ) Struts 2.3.16.2.

0

Andrea Ligios 28 . '14 14:00

,

http://host/struts2-blank/example/X.action?class.classLoader

The problem is documented under S2-020 .

0

Roman c Apr 28 '14 at 14:47

source share

param83 · Accepted Answer · 2014-04-30T03:57:48+0000

It worked.

I need to enable logging (for the ognl package) to see the error.

Pass parameter, for example class.classLoader.resource.dircontext.docBase = someText to struts2 application.

local: 8080 / SampleApp / showlogin.do class.classLoader.resource.diretext.docBase = SOMETEXT

Then in the magazine I would see something like this.

java.lang.IllegalArgumentException: Document base base does not exist or is not a readable directory
    at org.apache.naming.resources.FileDirContext.setDocBase(FileDirContext.java:136)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

After applying the workaround, I do not see the above error in the log.

: http://www.brentron.com/safe/web/9248.html http://isayan.cocolog-nifty.com/diary/2014/04/s2-020.html

Vulnerability Struts2 + Classloader + How to play

More articles: