Community Learn Tools Library Leisure

English

Home > Database > Mysql Tutorial > body text

Unify的eWave ServletExec拒绝服务漏洞 _MySQL

WBOY

Release： 2016-06-01 14:07:41

Original

981 people have browsed it

拒绝服务servlet

　　涉及程序：
eWave ServletExec

描述：
Unify的eWave ServletExec拒绝服务漏洞

详细：
Unify的eWave ServletExec是一个JSP和Java Servlet引擎，它们被用作象Apache、IIS、Netscape等等流行的网络服务器的插件。

发送一个URL请求可能引起ServletExec servlet引擎突然终止，但是web服务器不会受到影响。

可以通过在URL前加上servlet路径前缀“/servlet”这样可以强制调用任意的servlet。一个名为“ServletExec”的servlet存在于服务端。

强制执行“ServletExec”servlet将导致servlet引擎初始化并试图在80口上绑定一个服务器线程。如果服务器已经运行，端口绑定操作将导致servlet引擎异常终止。

例如，如果ServletExec作为80端口上的web服务器插件运行在10.0.0.1上，攻击者可打开一个80端口的连接，发出如下的GET请求使servlet引擎异常终止。
nc 10.0.0.1 80
GET /servlet/ServletExec HTTP/1.0
或者从浏览器中存取URL：http://10.0.0.1/servlet/ServletExec 也能达到相同的效果。

日志文件中将记录如下内容：
Received an exception when starting ServletExec:
java.net.BindException:
Address in use: bind

受影响的系统：
Unify eWave ServletExec 3.0C

解决方案：
升级到 ServletExec 3.0E 版本：
http://www.servletexec.com/downloads/

Related labels：

servlet reject Serve loopholes

source：php.cn

Previous article：十三、JSP动作_MySQL Next article：三、第一个Servlet_MySQL

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Latest Articles by Author

What is a NullPointerException, and how do I fix it?

2024-10-22 09:46:29
From Novice to Coder: Your Journey Begins with C Fundamentals

2024-10-13 13:53:41
Unlocking Web Development with PHP: A Beginner's Guide

2024-10-12 12:15:51
Demystifying C: A Clear and Simple Path for New Programmers

2024-10-11 22:47:31
Unlock Your Coding Potential: C Programming for Absolute Beginners

2024-10-11 19:36:51
Unleash Your Inner Programmer: C for Absolute Beginners

2024-10-11 15:50:41
Automate Your Life with C: Scripts and Tools for Beginners

2024-10-11 15:07:41
PHP Made Easy: Your First Steps in Web Development

2024-10-11 14:21:21
Build Anything with Python: A Beginner's Guide to Unleashing Your Creativity

2024-10-11 12:59:11
The Key to Coding: Unlocking the Power of Python for Beginners

2024-10-11 12:17:31

Latest Issues

function_exists() cannot determine the custom function Function test () {return true;} if (function_exists ('test')) {echo "test is function...

From 2024-04-29 11:01:01

0

2

1842

How to display the mobile version of Google Chrome Hello teacher, how can I change Google Chrome into a mobile version?

From 2024-04-23 00:22:19

0

10

2014

The child window operates the parent window, but the output does not respond. The first two sentences are executable, but the last sentence cannot be implemented.

From 2024-04-19 15:37:47

0

1

1696

There is no output in the parent window document.onclick = function(){ window.opener.document.write('I am the output of the child ...

From 2024-04-18 23:52:34

0

1

1596

Where is the courseware about CSS mind mapping? Courseware

From 2024-04-16 10:10:18

0

0

1613

Related Topics

More>

Popular Recommendations

Popular Tutorials

More>

Related Tutorials

Popular Recommendations

Latest courses

Latest Downloads

More>

Web Effects

Website Source Code

Website Materials

Front End Template