Unify eWave ServletExec 泄露jsp源代码漏洞 _MySQL
servlet
涉及程序:
ServletExec
描述:
在HTTP请求中添加特殊字符导致暴露JSP源代码文件
详细:
Unify eWave ServletExec 是一个 Java/Java Servlet 引擎插件,主要用于 WEB 服务器,例如:Microsoft IIS, Apache, Netscape Enterprise 服务器等等。
当一个 HTTP 请求中添加下列字符之一,ServletExec 将返回 JSP 源代码文件。
.
%2E
+
%2B
\
%5C
%20
%00
成功的利用该漏洞将导致泄露指定的JSP文件的源代码
例如:
使用下面的任意一个URL请求将输出指定的JSP文件的源代码:
http://target/directory/jsp/file.jsp.
http://target/directory/jsp/file.jsp%2E
http://target/directory/jsp/file.jsp+
http://target/directory/jsp/file.jsp%2B
http://target/directory/jsp/file.jsp\
http://target/directory/jsp/file.jsp%5C
http://target/directory/jsp/file.jsp%20
http://target/directory/jsp/file.jsp%00
受影响的系统:
Unify eWave ServletExec 3.0c
- Sun Solaris 8.0
- Microsoft Windows 98
- Microsoft Windows NT 4.0
- Microsoft Windows NT 2000
- Linux kernel 2.3.x
- IBM AIX 4.3.2
- HP HP-UX 11.4
Unify eWave ServletExec 3.0
- Sun Solaris 8.0
- Microsoft Windows 98
- Microsoft Windows NT 4.0
- Microsoft Windows NT 2000
- Linux kernel 2.3.x
- IBM AIX 4.3.2
- HP HP-UX 11.4
解决方案:
临时解决办法:
如果没有使用任何静态页面或图像,可以配置一个默认的 servlet,并将“/”映射到这个默认的 servlet。这样当收到一个未映射到某个 servlet 的 URL 时,这个默认的servlet 就会被调用。在这种情况下,默认的 servlet 可以仅仅返回“未找到文件”。如果使用了静态的页面或图像,仍然可以作这样的配置,但是需要让这个默认的servlet 处理对合法的静态页面和图像的请求。
另一种可能就是将*.jsp+、*.jsp.和*.jsp\等映射到一个 servlet,而该servlet只是返回“未找到文件”。对于*.jsp%00和*.jsp%20这样的情况,映射应以未经编码的形式输入。例如,对于*.jsp%20的映射应输入“*.jsp ”。注意%20被转换成一个空格字符。
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
Tutorial on updating curl version under Linux!
Mar 07, 2024 am 08:30 AM
To update the curl version under Linux, you can follow the steps below: Check the current curl version: First, you need to determine the curl version installed in the current system. Open a terminal and execute the following command: curl --version This command will display the current curl version information. Confirm available curl version: Before updating curl, you need to confirm the latest version available. You can visit curl's official website (curl.haxx.se) or related software sources to find the latest version of curl. Download the curl source code: Using curl or a browser, download the source code file for the curl version of your choice (usually .tar.gz or .tar.bz2
Jailbreak any large model in 20 steps! More 'grandma loopholes' are discovered automatically
Nov 05, 2023 pm 08:13 PM
In less than a minute and no more than 20 steps, you can bypass security restrictions and successfully jailbreak a large model! And there is no need to know the internal details of the model - only two black box models need to interact, and the AI can fully automatically defeat the AI and speak dangerous content. I heard that the once-popular "Grandma Loophole" has been fixed: Now, facing the "Detective Loophole", "Adventurer Loophole" and "Writer Loophole", what response strategy should artificial intelligence adopt? After a wave of onslaught, GPT-4 couldn't stand it anymore, and directly said that it would poison the water supply system as long as... this or that. The key point is that this is just a small wave of vulnerabilities exposed by the University of Pennsylvania research team, and using their newly developed algorithm, AI can automatically generate various attack prompts. Researchers say this method is better than existing
The servlet life cycle is divided into several stages
Feb 23, 2023 pm 01:46 PM
The Servlet life cycle refers to the entire process from creation to destruction of a servlet, which can be divided into three stages: 1. Initialization stage, calling the init() method to initialize the Servlet; 2. Running stage (processing requests), the container will Request to create a ServletRequest object representing an HTTP request and a ServletResponse object representing an HTTP response, and then pass them as parameters to the service() method of the Servlet; 3. Destruction phase.
How to solve common file upload vulnerabilities in PHP language development?
Jun 10, 2023 am 11:10 AM
In the development of web applications, the file upload function has become a basic requirement. This feature allows users to upload their own files to the server and then store or process them on the server. However, this feature also makes developers need to pay more attention to a security vulnerability: the file upload vulnerability. Attackers can attack the server by uploading malicious files, causing the server to suffer varying degrees of damage. PHP language is one of the languages widely used in web development, and file upload vulnerabilities are also one of the common security issues. This article will introduce
Buffer overflow vulnerability in Java and its harm
Aug 09, 2023 pm 05:57 PM
Buffer overflow vulnerabilities in Java and their harm Buffer overflow means that when we write more data to a buffer than its capacity, it will cause data to overflow to other memory areas. This overflow behavior is often exploited by hackers, which can lead to serious consequences such as abnormal code execution and system crash. This article will introduce buffer overflow vulnerabilities and their harm in Java, and give code examples to help readers better understand. The buffer classes widely used in Java include ByteBuffer, CharBuffer, and ShortB
What are the application scenarios of Java Servlet?
Apr 17, 2024 am 08:21 AM
JavaServlet can be used for: 1. Dynamic content generation; 2. Data access and processing; 3. Form processing; 4. File upload; 5. Session management; 6. Filter. Example: Create a FormSubmitServlet to handle form submission, taking name and email as parameters, and redirecting to success.jsp.
How to view java source code
Dec 27, 2023 pm 04:41 PM
View steps: 1. Find the installation directory or view online; 2. Unzip the source code; 3. Use a text editor or integrated development environment; 4. Navigate and view the source code. Detailed introduction: 1. Find the installation directory or view online: If JDK is installed, you can find the Java source code in the JDK installation directory. In the JDK installation directory, there is usually a src.zip or similar compressed file, which contains the source code of the Java core class library; it is also possible to view the Java source code online, etc.
The OpenAI DALL-E 3 model has a vulnerability that generates 'inappropriate content.' A Microsoft employee reported it and was slapped with a 'gag order.'
Feb 04, 2024 pm 02:40 PM
According to news on February 2, Shane Jones, manager of Microsoft’s software engineering department, recently discovered a vulnerability in OpenAI’s DALL-E3 model, which is said to be able to generate a series of inappropriate content. Shane Jones reported the vulnerability to the company, but was asked to keep it confidential. However, he eventually decided to disclose the vulnerability to the outside world. ▲Image source: Report disclosed by ShaneJones. This site noticed that ShaneJones discovered through independent research in December last year that there was a vulnerability in the DALL-E3 model of OpenAI text-generated images. This vulnerability can bypass the AI Guardrail (AIGuardrail), resulting in the generation of a series of NSFW inappropriate content. This discovery attracted widespread attention
