What do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common?

Source: Internet
Author: User
Tags: jboss, jboss application server, opennms, websphere application server

What?

The most underrated, underhyped vulnerability has recently come to my attention, and I'm about to bring it to yours. No one gave it a fancy name, there were no press releases, nobody called Mandiant to come put out the fires. In fact, even though proof of concept code was released over 9 MONTHS AGO, none of the products mentioned in the title of this post have been patched, along with many more. In fact, no patch was available for the Java library containing the vulnerability. In addition to any commercial products that are vulnerable, this also affects many custom applications.

In this post I'll be dropping pre-authentication, remote code execution exploits that leverage the vulnerability for WebLogic, WebSphere, JBoss, Jenkins, and OpenNMS, all on the newest versions. Even more interesting, I'll detail the process we went through to discover that these products were vulnerable, and how I developed the exploits. This should empower you to go out and find these same bugs in your own software or in the commercial products that you or your clients use. All code can be found on the Foxglove Security GitHub.

I'll also be touching on why this bug is unlikely to go away soon. You can infuriate your developers and ops people by telling them to follow the instructions in the "The Fix" sections to remediate this in your environment. It'll fix it, but it's an admittedly ugly solution.

This post is going to be long. Because I'm a nice person, I made you an index. Feel free to skip straight to the exploits if you've got better things to do than read my rambling:

  1. Background – unserialize vulnerabilities and why didn't I hear about this sooner?

  2. The Vulnerability – light details on the vulnerability found by @frohoff and @gebl

  3. How Common is Commons? – how to find software that is vulnerable

  4. Exploit Dev for Skiddies – a high level process for using this vulnerability

  5. Exploit 1 – WebSphere Application Server

  6. Exploit 2 – JBoss Application Server

  7. Exploit 3 – Jenkins

  8. Exploit 4 – WebLogic Application Server

  9. Exploit 5 – OpenNMS through RMI

  10. The Fix – how to monkey patch your servers

...

The full article is much longer; rather than copying and pasting it here, read the original directly:

Original: http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/#Background

