Apache Struts Multiple Remote Vulnerabilities
BID:17342
Info
| Bugtraq ID: | 17342 |
| Class: | Unknown |
| CVE: | CVE-2006-1546 CVE-2006-1547 CVE-2006-1548 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 31 2006 12:00AM |
| Updated: | May 15 2006 10:09PM |
| Credit: | Paul Benedict, Bogdan Serban, and Tommy Wareing reported these issues to the vendor. |
| Vulnerable: | S.u.S.E. Linux Professional 10.0 OSS; S.u.S.E. Linux Professional 9.3 x86_64; S.u.S.E. Linux Professional 9.3; S.u.S.E. Linux Personal 10.0 OSS; S.u.S.E. Linux Personal 9.3 x86_64; S.u.S.E. Linux Personal 9.3; Apache Software Foundation Struts 1.1; Apache Struts 1.2.8; Apache Struts 1.2.7; Apache Struts 1.1 |
| Not Vulnerable: | Apache Struts 1.2.9 |
Discussion
Apache Struts is susceptible to multiple remote vulnerabilities.
The following issues were identified:
- A cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
- A denial-of-service vulnerability. An attacker may leverage this issue to crash an affected web application, denying further service to legitimate users.
- A validation-bypass vulnerability. An attacker may leverage this issue to bypass validation and authentication checks in a web application. The exact consequences of this issue depend on the nature of the targeted application.
Apache Struts versions prior to 1.2.9 are affected by these issues.
Exploit / POC
These issues can be exploited through a web client; no special tooling beyond crafted HTTP requests to the affected application is required.
Solution / Fix
Solution:
The vendor has released Struts version 1.2.9 to address these issues.
Struts ships as a library inside each web application (normally WEB-INF/lib/struts.jar), so every deployed application built on Struts 1.1, 1.2.7 or 1.2.8 must be rebuilt or redeployed against 1.2.9; updating one copy does not fix the others.
Please see the references for vendor advisories and fixes.
Fixes:
- Apache Struts 1.1, Apache Software Foundation Struts 1.1, Apache Struts 1.2.7, Apache Struts 1.2.8:
  Apache Software Foundation struts-1.2.9-src.tar.gz
  http://apache.mirrors.northco.net/struts/source/struts-1.2.9-src.tar.gz
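A version check to run before and after the upgrade, added here as an example; it is not part of the original advisory or of the Struts project. It reads the Implementation-Version attribute from META-INF/MANIFEST.MF of each struts*.jar under WEB-INF/lib and flags anything in the 1.x line older than 1.2.9, the affected range stated above. The manifest attribute name is an assumption about how the Struts 1.2 jars are built, and the in-memory jar used to exercise the check is constructed for illustration, not a real Struts artifact.

```python
"""Flag deployed Struts 1.x jars older than the 1.2.9 fix level (added example)."""
import io
import re
import zipfile
from pathlib import Path

FIXED_VERSION = (1, 2, 9)  # first release the advisory lists as not vulnerable


def parse_version(text):
    """Turn '1.2.8', '1.1' or '1.2.9-rc1' into a comparable tuple of ints."""
    m = re.match(r"(\d+(?:\.\d+)*)", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    parts = tuple(int(p) for p in m.group(1).split("."))
    return parts + (0,) * (3 - len(parts))  # pad so '1.1' compares as (1, 1, 0)


def is_affected(version):
    """True for any Struts 1.x release older than 1.2.9 (Struts 2.x is a different product)."""
    v = parse_version(version)
    return v[0] == 1 and v < FIXED_VERSION


def manifest_version(jar_bytes):
    """Return the Implementation-Version attribute from a jar's manifest, or None.

    Assumption (not stated on the advisory page): the Struts 1.2 jars carry this
    attribute. If a jar lacks it, fall back to the filename or the release notes.
    """
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as zf:
        try:
            manifest = zf.read("META-INF/MANIFEST.MF").decode("utf-8", "replace")
        except KeyError:
            return None
    # Manifest attributes may be continued on a following line that starts with
    # a single space; normalise line endings and join continuations first.
    manifest = manifest.replace("\r\n", "\n").replace("\n ", "")
    for line in manifest.split("\n"):
        if line.lower().startswith("implementation-version:"):
            return line.split(":", 1)[1].strip()
    return None


def scan_webapps(root):
    """Return (jar path, version, affected) for every struts*.jar under */WEB-INF/lib.

    affected is None when the jar carries no Implementation-Version attribute.
    """
    findings = []
    for jar in sorted(Path(root).rglob("WEB-INF/lib/struts*.jar")):
        version = manifest_version(jar.read_bytes())
        affected = None if version is None else is_affected(version)
        findings.append((str(jar), version, affected))
    return findings


def build_sample_jar(version):
    """Constructed sample jar (NOT a real Struts artifact) so the check runs offline."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(
            "META-INF/MANIFEST.MF",
            "Manifest-Version: 1.0\r\n"
            "Implementation-Title: Struts Framework\r\n"
            f"Implementation-Version: {version}\r\n"
            "Implementation-Vendor: Apache Software Foundation\r\n",
        )
    return buf.getvalue()


if __name__ == "__main__":
    # Exercise the check against constructed jars for the versions named in the advisory.
    for v in ("1.1", "1.2.7", "1.2.8", "1.2.9"):
        found = manifest_version(build_sample_jar(v))
        verdict = "AFFECTED, upgrade to 1.2.9" if is_affected(found) else "not affected"
        print(f"struts.jar {found}: {verdict}")
    # On a real server: for path, ver, bad in scan_webapps('/opt/tomcat/webapps'): ...
```

Run it against the servlet container's webapps directory with scan_webapps(); a result whose version is None means the jar could not be identified from its manifest and needs a manual look.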
References
References:
- ASF Bugzilla Bug 38374 (Apache)
- ASF Bugzilla Bug 38534 (Apache)
- ASF Bugzilla Bug 38749 (Apache)
- Release Notes - Version 1.2.9 (Apache)
- Struts Homepage (Apache Software Foundation)