From: Greg Huber <gregh3...@gmail.com>
Sent: Thursday, March 16, 2017 5:19 AM
To: Struts Developers List
Subject: Re: S2 makes Hacker News :/
Just because you are using S2 does not necessarily mean you are affected;
all I get is a response:

HTTP/1.1 404
Content-Length: 0
Date: Thu, 16 Mar 2017 09:02:54 GMT
Connection: close

Looking at my logs, this fishing is going on all the time.
MG>From what I read, injections only happen with Content-Type injection
MG>then again, patches Struts 2.3.32 or 2.5.10.1 have been available for some time
MG>Johannes suggests implementing 'snort' to detect injection vulnerability; reference link at sans.edu below:
https://isc.sans.edu/forums/diary/Critical+Apache+Struts+2+Vulnerability+Patch+Now/22169/
MG>Thanks Lukasz!
Thanks also Lukasz for the quick fix.
Cheers Greg
On 14 March 2017 at 18:17, Lukasz Lenart <lukaszlen...@apache.org> wrote:
> 2017-03-14 15:57 GMT+01:00 Doug Erickson <erick...@part.net>:
> > What is the proper server setup to prevent this?
>
> Upgrade to the latest Struts version ... and run server on a dedicated
> account, block access to the world (server should be only allowed to
> connect to localhost) and few other things
>
>
> Regards
> --
> Łukasz
> + 48 606 323 122 http://www.lenart.org.pl/
>
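An added example, not part of the original thread or of the Struts project: a log-side counterpart to the Snort suggestion above, flagging requests whose Content-Type header is not a plain media type. It assumes a hypothetical tab-separated log format (client, request line, raw Content-Type value); the sample lines and the simplified media-type grammar are constructed for illustration.

```python
import re

# Simplified media-type grammar: type "/" subtype, then optional ;name=value parameters.
TOKEN = r"[A-Za-z0-9!#$&^_.+-]+"
MEDIA_TYPE = re.compile(
    rf'^{TOKEN}/{TOKEN}(?:\s*;\s*{TOKEN}=(?:{TOKEN}|"[^"]*"))*\s*$'
)
# Expression delimiters have no place in a Content-Type value.
EXPR_MARKERS = ("%{", "${", "#{")
MAX_LEN = 256  # assumed ceiling; legitimate values are far shorter


def check_content_type(value):
    """Return the reasons a Content-Type value looks anomalous (empty list = fine)."""
    reasons = []
    if len(value) > MAX_LEN:
        reasons.append("oversized")
    if any(marker in value for marker in EXPR_MARKERS):
        reasons.append("expression-marker")
    if not MEDIA_TYPE.match(value):
        reasons.append("not-a-media-type")
    return reasons


def scan(lines):
    """Return (client, request, reasons) for each log line with a suspicious header."""
    hits = []
    for line in lines:
        client, request, ctype = line.rstrip("\n").split("\t", 2)
        if ctype in ("", "-"):
            continue  # header not sent
        reasons = check_content_type(ctype)
        if reasons:
            hits.append((client, request, reasons))
    return hits


# Constructed sample log lines (documentation IP ranges, placeholder header value).
SAMPLE_LOG = [
    "192.0.2.10\tPOST /upload.action HTTP/1.1\tmultipart/form-data; boundary=----abc123",
    "198.51.100.7\tGET /index.action HTTP/1.1\t%{constructed-placeholder}",
    "192.0.2.11\tGET /index.action HTTP/1.1\t-",
    "203.0.113.5\tPOST /login.action HTTP/1.1\tapplication/x-www-form-urlencoded; charset=UTF-8",
]

if __name__ == "__main__":
    for client, request, reasons in scan(SAMPLE_LOG):
        print(f"{client}  {request}  -> {', '.join(reasons)}")
```

A hit shows that the server was probed, not that it was affected; as noted in the thread, a server can simply answer such a request with a 404.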