Servlet Vulnerability Fix
This fix is compatible only with build 11300 (OpManager and Social IT Plus).
Please follow these steps.
1) Download the attached zip file and extract it under /OpManager
2) Stop and start OpManager
Note: This zip file contains the fix for these vulnerabilities.
1) Vulnerability: Remote code execution via file upload
2) Vulnerability: Arbitrary file deletion