Apache Solr Remote Code Execution Vulnerability (CVE-2019-0193) Threat Alert
agosto 13, 2019
1 Vulnerability Overview
Recently, Apache Software Foundation (ASF) issued a security bulletin to announce the fix of the remote arbitrary code execution vulnerability (CVE-2019-0193) in Apache Solr. This vulnerability exists in the DataImportHandler module, a common module used to import data from databases or other sources. The whole DIH configuration of this module can come from the dataConfig parameter included in an external request. As a DIH configuration can contain scripts, this parameter is a security risk. (mais…)
Apache Axis Remote Code Execution Vulnerability (CVE-2019-0227) Threat Alert
abril 19, 2019
Overview
The default service StockQuoteService.jws in Axis contains a hard-coded HTTP URL, which can be used to trigger an HTTP request. An attacker can conduct a man-in-the-middle (MITM) attack by taking control of a domain (www.xmltoday.com) or performing ARP poisoning against the targeted Axis server, and then redirect the HTTP request to a malicious web server before remotely executing code on the Apache Axis server (CVE-2019-0227). (mais…)
Apache HTTP Server Privilege Escalation Vulnerability (CVE-2019-0211) Threat Alert
abril 8, 2019
Overview
Recently, Apache Software Foundation released a security advisory, announcing remediation of a privilege escalation vulnerability (CVE-2019-0211) in the Apache HTTP Server. Apache HTTP Server running MPM event, worker or prefork could allow an attacker to gain elevated privileges on the system by executing code in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter). By manipulating the scoreboard, an attacker could exploit this vulnerability to gain privileges of the parent process (usually root) and execute arbitrary code on the system. (mais…)
