New High-Risk Vulnerability Affects Servers Running Apache Tomcat

February 29, 2020
in Internet Privacy

If your web server is running on Apache Tomcat, you should immediately install the latest available version of the server application to prevent hackers from taking unauthorized control over it.

Yes, that’s possible because all versions (9.x/8.x/7.x/6.x) of Apache Tomcat released in the past 13 years have been found vulnerable to a new high-severity (CVSS 9.8) ‘file read and inclusion’ bug that can be exploited in the default configuration.

It is all the more concerning because several proof-of-concept exploits for this vulnerability have also surfaced on the Internet, making it easy for anyone to attack publicly accessible vulnerable web servers.

Dubbed ‘Ghostcat‘ and tracked as CVE-2020-1938, the flaw could let unauthenticated, remote attackers read the content of any file on a vulnerable web server and obtain sensitive configuration files or source code, or execute arbitrary code if the server allows file upload, as shown in a demo below.

What is Ghostcat Flaw And How Does it Work?

According to Chinese cybersecurity company Chaitin Tech, the vulnerability resides in the AJP protocol implementation of Apache Tomcat and arises from the improper handling of an attribute.

“If the site allows users to upload files, an attacker can first upload a file containing malicious JSP script code to the server (the uploaded file itself can be of any file type, such as pictures, plain text files, etc.), and then include the uploaded file by exploiting Ghostcat, which finally can result in remote code execution,” the researchers said.

The Apache JServ Protocol (AJP) is essentially an optimized, binary variant of HTTP that allows Tomcat to communicate with a front-end Apache web server.


The AJP connector is enabled by default, listens on TCP port 8009 and is bound to IP address 0.0.0.0 (all interfaces); it can only be exploited remotely when that port is reachable by untrusted clients.

According to ‘onyphe,’ a search engine for open-source and cyber threat intelligence data, there are more than 170,000 devices that are exposing an AJP Connector to everyone through the Internet, at the time of writing.

Apache Tomcat Vulnerability: Patch and Mitigation

Chaitin researchers found and reported this flaw last month to the Apache Tomcat project, which has now released Apache Tomcat versions 9.0.31, 8.5.51, and 7.0.100 to patch the issue.

The latest releases also fix two other low-severity HTTP request smuggling issues (CVE-2020-1935 and CVE-2019-17569).

Web administrators are strongly recommended to apply the software updates as soon as possible and advised never to expose the AJP port to untrusted clients, because the protocol communicates over an insecure channel and is meant to be used only within a trusted network.

“Users should note that a number of changes were made to the default AJP Connector configuration in 9.0.31 to harden the default configuration. It is likely that users upgrading to 9.0.31 or later will need to make small changes to their configurations as a result,” the Tomcat team said.

However, if, for some reason, you can’t upgrade your affected web server immediately, you can also disable the AJP Connector directly, or change its listening address to the localhost.
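As an added example (not part of the original article or the Tomcat project), the following Python check audits a Tomcat server.xml for AJP connectors that are bound to all interfaces or run without a shared secret, which covers both the exposure described above and the two mitigations just mentioned. The address, secret and secretRequired attributes are standard Tomcat connector attributes; the two server.xml fragments are constructed samples.

```python
import xml.etree.ElementTree as ET

# Addresses that keep the AJP connector reachable only from the local host
LOOPBACK = {"127.0.0.1", "::1", "localhost"}

# Constructed sample: the pre-9.0.31 default, listening on every interface
DEFAULT_SERVER_XML = """<Server><Service name="Catalina">
  <Connector port="8080" protocol="HTTP/1.1" />
  <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
</Service></Server>"""

# Constructed sample: bound to loopback and protected by a shared secret
HARDENED_SERVER_XML = """<Server><Service name="Catalina">
  <Connector port="8080" protocol="HTTP/1.1" />
  <Connector port="8009" protocol="AJP/1.3" address="127.0.0.1"
             secretRequired="true" secret="CHANGE-ME-PLACEHOLDER" />
</Service></Server>"""


def audit_ajp_connectors(server_xml: str):
    """Return one finding per AJP connector found in a server.xml document.

    Each finding lists the port, the configured bind address (None when the
    attribute is absent, which Tomcat treats as all interfaces) and the
    issues detected. An empty issue list means the connector is bound to
    loopback and requires a secret; no findings at all means no AJP
    connector is configured, i.e. the connector has been removed entirely.
    """
    root = ET.fromstring(server_xml)
    findings = []
    for conn in root.iter("Connector"):
        # Connectors without a protocol attribute default to HTTP/1.1
        proto = conn.get("protocol", "HTTP/1.1")
        if "AJP" not in proto.upper():
            continue
        addr = conn.get("address")
        issues = []
        if addr is None or addr in ("0.0.0.0", "::"):
            issues.append("bound to all interfaces")
        elif addr not in LOOPBACK:
            issues.append(f"bound to non-loopback address {addr}")
        if not conn.get("secret"):
            issues.append("no AJP secret configured")
        findings.append({"port": conn.get("port"), "address": addr,
                         "issues": issues})
    return findings


if __name__ == "__main__":
    for name, xml in (("default", DEFAULT_SERVER_XML),
                      ("hardened", HARDENED_SERVER_XML)):
        print(name, audit_ajp_connectors(xml))
```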


Credit: The Hacker News By: noreply@blogger.com (Swati Khandelwal)
