qwqdanchun
/
Goby
mirror of https://github.com/qwqdanchun/Goby.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Goby/json/Apache-Tomcat-CVE-2017-1261...

57 lines
3.0 KiB
JSON
Raw Normal View History

auto
2022-11-25 02:08:58 -08:00
{
"Name": "Apache Tomcat CVE-2017-12615 Remote Code Execution Vulnerability",
"Description": "When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.",
"Product": "Apache-Tomcat",
"Homepage": "http://tomcat.apache.org/",
"DisclosureDate": "2017-09-19",
"Author": "itardc@163.com",
"GifAddress": "https://raw.githubusercontent.com/gobysec/GobyVuls/master/Tomcat/CVE-2017-12615/CVE-2017-12615.gif",
"FofaQuery": "app=\"Apache-Tomcat\"",
"GobyQuery": "app=\"Apache-Tomcat\"",
"Level": "3",
"Impact": "It was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.",
"Recommendation": "Update version from https://tomcat.apache.org/",
"References": [
"http://breaktoprotect.blogspot.com/2017/09/the-case-of-cve-2017-12615-tomcat-7-put.html",
"http://www.securityfocus.com/bid/100901",
"http://www.securitytracker.com/id/1039392",
"https://access.redhat.com/errata/RHSA-2017:3080",
"https://access.redhat.com/errata/RHSA-2017:3081",
"https://access.redhat.com/errata/RHSA-2017:3113",
"https://access.redhat.com/errata/RHSA-2017:3114",
"https://access.redhat.com/errata/RHSA-2018:0465",
"https://access.redhat.com/errata/RHSA-2018:0466",
"https://github.com/breaktoprotect/CVE-2017-12615",
"https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/8fcb1e2d5895413abcf266f011b9918ae03e0b7daceb118ffbf23f8c@%3Cannounce.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E",
"https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E",
"https://security.netapp.com/advisory/ntap-20171018-0001/",
"https://www.exploit-db.com/exploits/42953/",
"https://www.synology.com/support/security/Synology_SA_17_54_Tomcat",
"https://nvd.nist.gov/vuln/detail/CVE-2017-12615",
"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12615"
],
"HasExp": true,
"ExpParams": null,
"ExpTips": {
"Type": "",
"Content": ""
},
"ScanSteps": null,
"ExploitSteps": null,
"Tags": ["rce", "getshell"],
"CVEIDs": [
"CVE-2017-12615"
],
"CVSSScore": "8.1",
"AttackSurfaces": {
"Application": null,
"Support": null,
"Service": ["Apache-Tomcat"],
"System": null,
"Hardware": null
}
}