CVE-2014-7866 : Fix for Remote code execution via file upload vulnerability

CVE-2014-7866 : Fix for Remote code execution via file upload vulnerability

Details of Vulnerability:

Vulnerability: Remote code execution via file upload (unauthenticated 
on OpManager and Social IT) 
CVE-2014-7866 
Constraints: no authentication needed for OpManager and Social IT; 
authenticated in IT360 

a) 
POST /servlet/MigrateLEEData?fileName=../tomcat/webapps/warfile.war%00 
Affected versions: Unknown, at least OpManager v8 build 88XX to 
11.3/11.4; IT360 10.3/10.4; Social IT 11.0 

b) 
POST /servlet/MigrateCentralData?operation=downloadFileFromProbe&zipFileName=../tomcat/webapps/warfile.war%00 
Affected versions: Unknown, at least OpManager v8 build 88XX to 
11.3/11.4; IT360 10.3/10.4; Social IT 11.0 
 


Fix:(Compatible for 11300 & 11400 builds)

1)Download the attached patch

2)Extract it under /OpManager

3)Stop and Start OpManager


note: This fix will be implemented in build 11500 release.




      New to ADSelfService Plus?

        Resources

            • Related Articles

            • Servlet Vulnerability Fix

              This fix is compatible only for build 11300(OpManager and Social IT Plus).  Please follow these steps. 1)Download the attached zip file and extract it under /OpManager 2)Stop and Start OpManager Note: This zip file contains the fix for these ...
            • PGSQL:SubmitQuery.do vulnerability (CVE-2015-7765, CVE-2015-7766)

              http://seclists.org/fulldisclosure/2015/Sep/66 Vulnerability Detail: Any account that has access to the web interface with Administrator rights has the possibility to use a web form to execute SQL queries on the backend PostgreSQL instance. By ...
            • SQL Injection Vulnerability FIx

              Vulnerability: Blind SQL injection (unauthenticated) Fix: Upgrade to Social IT vXXXX; OpManager vXXXX; IT360 vXXXX Constraints: no authentication needed for OpManager and Social IT; authenticated in IT360 a) POST ...
            • HTTP Server Prone To Slow Denial Of Service Attack(CVE-2007-6750 CVE-2012-5568)

              Few third party vulnerability scanning tools has reported that OpManager has this DOS vulnerability CVE-2007-6750 CVE-2012-5568. TOMCAT developers have mentioned that it is not a vulnerability in TOMCAT and they don't have the plans to to fix it. ...
            • Poodle Vulnerability CVE-2014-3566

              POODLE, which stands for Padding Oracle on Downloaded Legacy Encryption, makes it possible for hackers to snoop on a user’s web browsing. The problem is an 18-year-old encryption standard, known as SSL v3, which is still used by older browsers like ...