exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

CVE-2020-1938

Status Candidate

Overview

When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that may be surprising. In Apache Tomcat 9.0.0.M1 to 9.0.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99, Tomcat shipped with an AJP Connector enabled by default that listened on all configured IP addresses. It was expected (and recommended in the security guide) that this Connector would be disabled if not required. This vulnerability report identified a mechanism that allowed: - returning arbitrary files from anywhere in the web application - processing any file in the web application as a JSP Further, if the web application allowed file upload and stored those files within the web application (or the attacker was able to control the content of the web application by some other means) then this, along with the ability to process a file as a JSP, made remote code execution possible. It is important to note that mitigation is only required if an AJP port is accessible to untrusted users. Users wishing to take a defence-in-depth approach and block the vector that permits returning arbitrary files and execution as JSP may upgrade to Apache Tomcat 9.0.31, 8.5.51 or 7.0.100 or later. A number of changes were made to the default AJP Connector configuration in 9.0.31 to harden the default configuration. It is likely that users upgrading to 9.0.31, 8.5.51 or 7.0.100 or later will need to make small changes to their configurations.

Related Files

Red Hat Security Advisory 2021-3140-01
Posted Aug 12, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3140-01 - This release of Red Hat Fuse 7.9.0 serves as a replacement for Red Hat Fuse 7.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling, bypass, code execution, cross site scripting, denial of service, deserialization, information leakage, man-in-the-middle, memory leak, resource exhaustion, server-side request forgery, remote SQL injection, and traversal vulnerabilities.

tags | advisory, remote, web, denial of service, vulnerability, code execution, xss, sql injection, memory leak
systems | linux, redhat
advisories | CVE-2017-18640, CVE-2017-5645, CVE-2019-12402, CVE-2019-14887, CVE-2019-16869, CVE-2019-20445, CVE-2020-10688, CVE-2020-10693, CVE-2020-10714, CVE-2020-10719, CVE-2020-11996, CVE-2020-13920, CVE-2020-13934, CVE-2020-13935, CVE-2020-13936, CVE-2020-13954, CVE-2020-13956, CVE-2020-14040, CVE-2020-14297, CVE-2020-14338, CVE-2020-14340, CVE-2020-1695, CVE-2020-17510, CVE-2020-17518, CVE-2020-1925, CVE-2020-1935, CVE-2020-1938
SHA-256 | 7b87634aaeff995c7acbe482688b36f551a706a54a262f6607bd35c528818502
Apache Ghostcat Exploitation
Posted Mar 22, 2021
Authored by Team SafeSecurity

This whitepaper focuses on explaining the Apache Ghostcat vulnerability and how it can be used to read file contents of all web applications deployed on Tomcat.

tags | paper, web
advisories | CVE-2020-1938
SHA-256 | dc2b8740104317c36ad79dcb929d334c237272637cf804d3dfc086cec7bb44d1
Red Hat Security Advisory 2020-2840-01
Posted Jul 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2840-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Issues addressed include a file read vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2020-1938
SHA-256 | 469268d94d9874f83794d1799a19f37aef89e17a5c24f2b64ccaa65b8bf4715e
Red Hat Security Advisory 2020-2783-01
Posted Jul 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2783-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.22, and includes bug fixes and enhancements, which are documented in the Release Notes document listed in the References section.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2019-14885, CVE-2020-1938
SHA-256 | 88d7f18cc7e412ba82e9de254d3aeb83c24bf2123cb63a8a900c8944fa68eeb8
Red Hat Security Advisory 2020-2779-01
Posted Jul 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2779-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.22, and includes bug fixes and enhancements, which are documented in the Release Notes document listed in the References section.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2019-14885, CVE-2020-1938
SHA-256 | 44f0384e1fe12afa774cb190613597cecd4b5ae04daa7e10ef2a5ceb2823a6a0
Red Hat Security Advisory 2020-2780-01
Posted Jul 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2780-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.22, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2019-14885, CVE-2020-1938
SHA-256 | e8b0511a2ea00653c79aba2f809522e4cdde0fa5a82cfbfc83d5ea670fb81eca
Red Hat Security Advisory 2020-2781-01
Posted Jul 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2781-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.22, and includes bug fixes and enhancements, which are documented in the Release Notes document listed in the References section.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2019-14885, CVE-2020-1938
SHA-256 | 072dbf3fdbd3590dbe81f93466def85c05cbb10986f4c0715035010fb1a719ca
Red Hat Security Advisory 2020-2367-01
Posted Jun 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2367-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.1.13 serves as a replacement for Red Hat support for Spring Boot 2.1.12, and includes security and bug fixes and enhancements. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2019-14888, CVE-2020-1745, CVE-2020-1935, CVE-2020-1938
SHA-256 | 648d3e7e6b8b0230e170a363c66446ba991afc1894fe7567edce53d9d649b7f8
Debian Security Advisory 4673-1
Posted May 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4673-1 - Several vulnerabilities were discovered in the Tomcat servlet and JSP engine, which could result in HTTP request smuggling and code execution in the AJP connector (disabled by default in Debian).

tags | advisory, web, vulnerability, code execution
systems | linux, debian
advisories | CVE-2019-17569, CVE-2020-1935, CVE-2020-1938
SHA-256 | ba3d584d4fdc2ced4b9b9288a441018d4480428ec0d74e435018d2230c3f1349
Debian Security Advisory 4680-1
Posted May 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4680-1 - Several vulnerabilities were discovered in the Tomcat servlet and JSP engine, which could result in HTTP request smuggling, code execution in the AJP connector (disabled by default in Debian) or a man-in-the-middle attack against the JMX interface.

tags | advisory, web, vulnerability, code execution
systems | linux, debian
advisories | CVE-2019-10072, CVE-2019-12418, CVE-2019-17563, CVE-2019-17569, CVE-2020-1935, CVE-2020-1938
SHA-256 | d84200d1f875157db5551cd1679c3bdbff3b6dbe5f87a455c1a84bf2902aa60e
Red Hat Security Advisory 2020-1520-01
Posted Apr 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1520-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.3 serves as a replacement for Red Hat JBoss Web Server 5.2, and includes bug fixes, enhancements, and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a privilege escalation vulnerability.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2019-12418, CVE-2019-17563, CVE-2019-17569, CVE-2020-1935, CVE-2020-1938
SHA-256 | 6481d3b4894b8257fe04a1de77cf86fde8705632a521c3292aa929df7bc8d021
Red Hat Security Advisory 2020-1521-01
Posted Apr 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1521-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.3 serves as a replacement for Red Hat JBoss Web Server 5.2, and includes bug fixes, enhancements, and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a privilege escalation vulnerability.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2019-12418, CVE-2019-17563, CVE-2019-17569, CVE-2020-1935, CVE-2020-1938
SHA-256 | d1ee13e290259d45fd58cb8efea63a50014e163459409719312becbb3261ff82
Red Hat Security Advisory 2020-1478-01
Posted Apr 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1478-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This asynchronous patch is a security update for the Apache Tomcat package in JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5, 6, and 7. All users of Red Hat JBoss Enterprise Application Platform 6.4 are advised to upgrade to this updated package.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2020-1938
SHA-256 | d84fae8c88d4aa3d8749bc4b09e1db93b8f74c5ff47654c2138ce978f244de21
Red Hat Security Advisory 2020-1479-01
Posted Apr 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1479-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This asynchronous patch is a security update for the Apache Tomcat package in JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5, 6, and 7. All users of Red Hat JBoss Enterprise Application Platform 6.4 are advised to upgrade to these updated packages.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2020-1938
SHA-256 | cb3d2e59f737cca534608d0a69b173e618f90055450114ed6b1d53e19692bf15
Red Hat Security Advisory 2020-0912-01
Posted Mar 23, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0912-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. A file read / inclusion vulnerability was addressed.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2020-1938
SHA-256 | 1dce0fdf7252e07cb2b9ce83ef01e94b8efc7faade6112fedaf777397699f269
Gentoo Linux Security Advisory 202003-43
Posted Mar 19, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-43 - Multiple vulnerabilities have been found in Apache Tomcat, the worst of which could lead to arbitrary code execution. Versions less than 8.5.51 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2019-0221, CVE-2019-12418, CVE-2019-17563, CVE-2020-1938
SHA-256 | 8f38e640cf6af12b8976936a5caecaa77d1d1f19388a0f0f4bffe837a3412916
Red Hat Security Advisory 2020-0855-01
Posted Mar 17, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0855-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. A file read / inclusion vulnerability was addressed.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2020-1938
SHA-256 | be68db7181741e6b876be62ba34afbba9c6dc3adb7307d389ef4ae6c72cd3147
Red Hat Security Advisory 2020-0861-01
Posted Mar 17, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0861-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 8 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, web, xss
systems | linux, redhat
advisories | CVE-2019-0221, CVE-2019-12418, CVE-2019-17563, CVE-2020-1938
SHA-256 | 5912cad22f0afc43d80ee84e84aa2cfe37aa8ce59818cd00dd1203e1f3f6d01b
Red Hat Security Advisory 2020-0860-01
Posted Mar 17, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0860-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 8 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, web, xss
systems | linux, redhat
advisories | CVE-2019-0221, CVE-2019-12418, CVE-2019-17563, CVE-2020-1938
SHA-256 | 385ed72c129170e7bd47c8e7798856ca9e8dc3465e3225895c6665368d411874
Page 1 of 1
Back1Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close