
Apache Tomcat Exploit Poised to Pounce, Stealing Files
2020-03-23 20:56

A vulnerability in the popular Apache Tomcat web server is ripe for active attack, thanks to a proof-of-concept exploit making an appearance on GitHub.

The Apache Tomcat open-source web server supports various JavaScript-based technologies, including the Apache JServ Protocol interface, which is where the vulnerability resides.

In a default Tomcat installation on Windows 10, Tomcat's AJP connector listens on port 8009 and is exposed to the network, allowing outside users to interact with and gain access to the Tomcat server itself.

"Through the AJP connector, an attacker can retrieve arbitrary files from Tomcat's web root, including the files residing within the 'WEB-INF' and 'META-INF' directories through the ServletContext.getResourceAsStream() function," according to the Flashpoint posting.

"Additionally, arbitrary files within the web application on the vulnerable Tomcat server can be processed as a JSP page through the AJP connector."
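The exposure described above comes down to one line in Tomcat's server.xml: an AJP/1.3 connector that is reachable from outside the host and accepts connections without a shared secret. The audit script below is an added example, not code from the article, Flashpoint or the Apache Tomcat project. It parses two constructed server.xml fragments (one weak, one hardened) and reports, per AJP connector, whether it is bound to a non-loopback address or lacks a secret. The attribute names used (protocol, port, address, secretRequired, secret) are real Tomcat Connector attributes; the default behaviour noted in the comments (loopback binding and secretRequired=true) applies to the Tomcat releases that shipped the AJP hardening, and the file paths and secret value are placeholders.

```python
"""Audit a Tomcat server.xml for exposed AJP connectors.

Added example (not from the article or the Tomcat project). The two server.xml
documents below are constructed for this demonstration.
"""
import xml.etree.ElementTree as ET
from typing import Dict, List

# Constructed: a server.xml with the AJP connector enabled, no bind address
# (older Tomcat releases default that to all interfaces) and no shared secret.
WEAK_SERVER_XML = """<?xml version="1.0" encoding="UTF-8"?>
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443"/>
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
    <Engine name="Catalina" defaultHost="localhost">
      <Host name="localhost" appBase="webapps"/>
    </Engine>
  </Service>
</Server>
"""

# Constructed: the same file hardened. The connector is bound to loopback so
# only a local reverse proxy can reach it, and that proxy must present the
# shared secret. REPLACE-WITH-A-RANDOM-SECRET is a placeholder value.
HARDENED_SERVER_XML = """<?xml version="1.0" encoding="UTF-8"?>
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443"/>
    <Connector port="8009" protocol="AJP/1.3" address="127.0.0.1"
               secretRequired="true" secret="REPLACE-WITH-A-RANDOM-SECRET"
               redirectPort="8443"/>
    <Engine name="Catalina" defaultHost="localhost">
      <Host name="localhost" appBase="webapps"/>
    </Engine>
  </Service>
</Server>
"""

LOOPBACK_ADDRESSES = {"127.0.0.1", "::1", "localhost"}


def audit_ajp_connectors(server_xml: str) -> List[Dict]:
    """Return one finding per AJP connector in the given server.xml text.

    Each finding has the connector's port, its bind address (or None when not
    set) and a list of issues; an empty issue list means the connector is
    loopback-bound and protected by a shared secret.
    """
    root = ET.fromstring(server_xml)
    findings = []
    for conn in root.iter("Connector"):
        protocol = conn.get("protocol", "HTTP/1.1")
        if not protocol.upper().startswith("AJP"):
            continue  # HTTP connectors are not in scope for this check

        address = conn.get("address")
        secret_required = conn.get("secretRequired", "true").lower() == "true"
        secret = conn.get("secret")
        issues = []

        if address is None:
            # Tomcat releases before the AJP hardening bound to all interfaces
            # when no address was given, which is the exposure in the article.
            issues.append("no explicit bind address (older releases listen on all interfaces)")
        elif address not in LOOPBACK_ADDRESSES:
            issues.append(f"AJP connector bound to non-loopback address {address}")

        if not secret_required:
            issues.append("secretRequired is disabled")
        elif not secret:
            issues.append("no AJP shared secret configured")

        findings.append({
            "port": int(conn.get("port", "8009")),
            "address": address,
            "issues": issues,
        })
    return findings


def exposed_ajp_count(server_xml: str) -> int:
    """Number of AJP connectors with at least one issue; useful as an exit code."""
    return sum(1 for f in audit_ajp_connectors(server_xml) if f["issues"])


if __name__ == "__main__":
    # Run the audit over both constructed documents so the difference is visible.
    for label, xml_text in (("weak", WEAK_SERVER_XML), ("hardened", HARDENED_SERVER_XML)):
        print(f"== {label} server.xml ==")
        for finding in audit_ajp_connectors(xml_text):
            status = "OK" if not finding["issues"] else "EXPOSED"
            print(f"AJP port {finding['port']} ({finding['address'] or 'all interfaces'}): {status}")
            for issue in finding["issues"]:
                print(f"  - {issue}")
```

To use it against a real install, read the contents of `$CATALINA_HOME/conf/server.xml` (path assumed, adjust for your layout) into `audit_ajp_connectors`. If the host has no reverse proxy that needs AJP at all, the simpler fix the script cannot express is to comment the connector out entirely so port 8009 is never opened.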


News URL

https://threatpost.com/apache-tomcat-exploit-stealing-files/154055/?utm_source=rss&utm_medium=rss&utm_campaign=apache-tomcat-exploit-stealing-files

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apache 281 13 549 713 367 1642