Apache HTTP2 Header Memory Corruption Vulnerability (CVE-2020-9490, CVE-2020-11984, CVE-2020-11993)

Summary Apache, officially known as Apache HTTP Server, is an open-source and free web server software that powers most of the websites around the world. Recently, one Critical and two High severity flaws were fixed in Apache httpd 2.4.44. These flaws were tracked as CVE-2020-9490, CVE-2020-11984, and CVE-2020-11993 – out of which,  CVE-2020-9490 is the … Continue reading “Apache HTTP2 Header Memory Corruption Vulnerability (CVE-2020-9490, CVE-2020-11984, CVE-2020-11993)”

Apache Guacamole Remote Code Execution Vulnerability (CVE-2020-9497, CVE-2020-9498)

Summary: In the first week of July,2020, Apache released patches to address two  critical vulnerabilities – CVE-2020-9497 and CVE-2020-9498. Researchers from the Check Point team found these vulnerabilities in FreeRDP and reverse RDP connection of Apache Guacamole.  Description: According to Apache’s documentation: “guacd is the heart of Guacamole.” Upon startup, guacd listens on TCP port 4822 and waits for incoming instructions from the … Continue reading “Apache Guacamole Remote Code Execution Vulnerability (CVE-2020-9497, CVE-2020-9498)”

Apache-Tomcat-Ajp File containment Vulnerability (CVE-2020-1938, CNVD-2020-10487)

Summary: In third week of February,2020, after MSPT, a file containing vulnerability, which can be used by an attacker to read or include any files in all webapp directories on Tomcat, such as webapp configuration files or source code. Description: AJP is a protocol that is supported by various WAS such as Apache HTTP Server, … Continue reading “Apache-Tomcat-Ajp File containment Vulnerability (CVE-2020-1938, CNVD-2020-10487)”

Apache Tomcat on Windows CGI Servlet Remote Code Execution Vulnerability (CVE-2019-0232)

Summary: Apache Tomcat has a vulnerability in the CGI Servlet which can be exploited to achieve remote code execution (RCE). Only Windows  is exploitable while running in a non-default configuration in conjunction with batch files. Description: conf/context.xml as well conf/web.xml enables CGI in tomcat. Common Gateway Interface (CGI) is a standard protocol allows passing of … Continue reading “Apache Tomcat on Windows CGI Servlet Remote Code Execution Vulnerability (CVE-2019-0232)”

Apache Struts 2 namespace Remote Code Execution Vulnerability: CVE-2018-11776

A remote code execution vulnerability was discovered in Apache Struts 2. The vulnerability in being tracked via CVE-2018-11776. Upon successful exploitation an attacker can gain remote execution on the target and ultimately take over the target machine. The issue affect all versions of Apache Struts 2, possibly even fixed versions where the settings are mis-configured. Apache has … Continue reading “Apache Struts 2 namespace Remote Code Execution Vulnerability: CVE-2018-11776”

Apache Solr Remote Execution Zero-Day Vulnerability : CVE-2017-12629

Introduction Two Critical vulnerabilities have been reported in the Apache Solr distributions. These vulnerabilities were found in the latest distribution of Apache Solr. One of which is an XML External Entity (XXE) Processing and the other allows remote code execution using one of the publicly exposed API. It has been assigned CVE-2017-12629. The two vulnerabilities could … Continue reading “Apache Solr Remote Execution Zero-Day Vulnerability : CVE-2017-12629”

Optionsbleed: Use-After-Free Leading to Memory Leak in Apache HTTP

Introduction: A user after free (UAF) vulnerability in Apache HTTP causes the server to respond with a corrupted ALLOW header while replying to a HTTP OPTIONS request. The Apache httpd enables attackers to read data from process memory if Limit directive is set for user in .htaccess file or if the file contains mis-configurations. This … Continue reading “Optionsbleed: Use-After-Free Leading to Memory Leak in Apache HTTP”