You are here

U-058: Apache Struts Conversion Error OGNL Expression Injection Vulnerability

December 12, 2011 - 9:00am

Addthis

PROBLEM:

A vulnerability was reported in Apache Struts. A remote user can execute arbitrary commands on the target system.

PLATFORM:

Apache Struts 2.x

ABSTRACT:

Apache Struts Conversion Error OGNL Expression Injection Vulnerability.

reference LINKS:

Apache Struts 2.2.3.1 distribution
Secunia Advisory: SA47176
Vulnerability Report: Apache Struts 2.x
SecurityTracker Alert ID: 1026402
CNET Forums

IMPACT ASSESSMENT:

High

Discussion:

When a conversion error occurs, user-supplied input is evaluated as an OGNL expression. A remote user can send specially crafted data to execute arbitrary OGNL commands on the target system.

Impact:

The vulnerability is caused due to an input sanitisation error, which can be exploited to to inject and execute OGNL expressions if a conversion error is encountered.The vulnerability is reported in versions 2.0.0 through 2.2.3.

Solution:

The vendor has issued a fix.Update to version 2.2.3.1. Apache Downloads and Support

Addthis