On 19/09/17 14:00, André Warnier (tomcat) wrote:
> Hello.
>
> Did the issue below also affect the DAV application ?

Yes, as the WebDAV servlet also processes HTTP PUT requests. The WebDAV servlet extends the Default servlet so they actually share the implementation.

> And if yes, also only under Windows ?

Yes. This is, as far as we can tell, Windows specific.

HTH,

Mark

>
> -------- Forwarded Message --------
> Subject: [SECURITY] CVE-2017-12615 Apache Tomcat Remote Code Execution via JSP upload
> Date: Tue, 19 Sep 2017 11:58:44 +0100
> From: Mark Thomas <[email protected]>
> Reply-To: Tomcat Users List <[email protected]>
> To: Tomcat Users List <[email protected]>
> CC: [email protected] <[email protected]>, [email protected], Tomcat Developers List <[email protected]>
>
> CVE-2017-7674 Apache Tomcat Remote Code Execution via JSP Upload
>
> Severity: Important
>
> Vendor: The Apache Software Foundation
>
> Versions Affected:
> Apache Tomcat 7.0.0 to 7.0.79
>
> Description:
> When running on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
>
> Mitigation:
> Users of the affected versions should apply one of the following mitigations:
> - Upgrade to Apache Tomcat 7.0.81 or later (7.0.80 was not released)
>
> Credit:
> This issue was reported responsibly to the Apache Tomcat Security Team by iswin from 360-sg-lab (360观星实验室)
>
> History:
> 2017-09-19 Original advisory
>
> References:
> [1] http://tomcat.apache.org/security-7.html
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [email protected]
> For additional commands, e-mail: [email protected]
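The advisory turns on one configuration detail: the Default servlet (and, as Mark notes above, the WebDAV servlet that extends it) only accepts HTTP PUT when its `readonly` init-param is set to `false`. The following script is an added example, not code from the thread or from the Tomcat project; it scans a `web.xml` (Tomcat's global `conf/web.xml` or an application's `WEB-INF/web.xml`) and reports every Default or WebDAV servlet definition that has PUT enabled, so an administrator can confirm whether a Tomcat 7.0.0 to 7.0.79 instance is exposed before the upgrade to 7.0.81 lands. The two sample documents and the function name `find_writable_servlets` are constructed for this example.

```python
"""Flag Tomcat Default/WebDAV servlet definitions that accept HTTP PUT.

Added example (not Tomcat project code). The servlet class names are the
real ones shipped with Tomcat; the sample web.xml documents are constructed.
"""
import xml.etree.ElementTree as ET

# Both classes share the PUT handling discussed in the thread: WebdavServlet
# extends DefaultServlet, and both honour the 'readonly' init-param.
PUT_CAPABLE_SERVLETS = {
    "org.apache.catalina.servlets.DefaultServlet",
    "org.apache.catalina.servlets.WebdavServlet",
}


def _local(tag):
    """Strip an XML namespace from a tag ('{ns}servlet' -> 'servlet')."""
    return tag.rsplit("}", 1)[-1]


def _text(elem, name):
    """Stripped text of the first direct child with local name `name`."""
    for child in elem:
        if _local(child.tag) == name:
            return (child.text or "").strip()
    return None


def find_writable_servlets(web_xml):
    """Return [(servlet-name, servlet-class)] for servlets that accept PUT.

    Tomcat's DefaultServlet defaults 'readonly' to true, so a definition
    with no readonly init-param is treated as read-only and not reported.
    Namespaced (Tomcat 7: http://java.sun.com/xml/ns/javaee) and
    un-namespaced documents are both handled.
    """
    root = ET.fromstring(web_xml)
    findings = []
    for servlet in root.iter():
        if _local(servlet.tag) != "servlet":
            continue
        clazz = _text(servlet, "servlet-class")
        if clazz not in PUT_CAPABLE_SERVLETS:
            continue
        readonly = "true"  # Tomcat's default when the parameter is absent
        for child in servlet:
            if (_local(child.tag) == "init-param"
                    and _text(child, "param-name") == "readonly"):
                readonly = (_text(child, "param-value") or "").lower()
        if readonly == "false":
            findings.append((_text(servlet, "servlet-name"), clazz))
    return findings


# Constructed sample: the weak setting from the advisory (PUT enabled) on
# both the Default and WebDAV servlets, in a Tomcat 7 style namespaced file.
WEAK_WEB_XML = """<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="3.0">
  <servlet>
    <servlet-name>default</servlet-name>
    <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
    <init-param><param-name>debug</param-name><param-value>0</param-value></init-param>
    <init-param><param-name>readonly</param-name><param-value>false</param-value></init-param>
  </servlet>
  <servlet>
    <servlet-name>webdav</servlet-name>
    <servlet-class>org.apache.catalina.servlets.WebdavServlet</servlet-class>
    <init-param><param-name>readonly</param-name><param-value>false</param-value></init-param>
  </servlet>
</web-app>
"""

# Constructed sample: readonly explicitly true on one servlet and omitted
# (so defaulting to true) on the other; neither accepts PUT.
HARDENED_WEB_XML = """<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="3.0">
  <servlet>
    <servlet-name>default</servlet-name>
    <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
    <init-param><param-name>readonly</param-name><param-value>true</param-value></init-param>
  </servlet>
  <servlet>
    <servlet-name>webdav</servlet-name>
    <servlet-class>org.apache.catalina.servlets.WebdavServlet</servlet-class>
  </servlet>
</web-app>
"""

if __name__ == "__main__":
    for label, doc in (("weak", WEAK_WEB_XML), ("hardened", HARDENED_WEB_XML)):
        print(label, find_writable_servlets(doc))
```

Pointing the script at a real deployment means reading both `conf/web.xml` and each application's `WEB-INF/web.xml`, since an application can redefine the Default servlet with its own init-params; a finding on a Windows host running an affected 7.0.x build is exactly the condition the advisory describes.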
