Remote code execution in Apache Tomcat 7.0
nvd.nist.govWindows only, maybe the title can be changed.
I stopped reading when I got to 'Windows' as well.
It's 2017 and scanning /0 for PUT still reliably gets a bunch of shells...
OH, that's a _netmask_. It took me an entire day to figure that out. I thought /0 was a path :)
Why does that return a shell?
Web shell via put, still quite common.
Just as common as dorking for common webshells with no or default passwords.
If you need a VPS fast googling for c99 is faster than spinning up something on AWS ;)
Would like to learn more about this.
Hmm... looks like this dropped from 20k to 700 while I wasn't looking, which I guess is a very good thing (these are DVRs!). But FWIW, for "JAWS/1.0 -2017 -2016" on shodan, then "/shell?whoami" returns "root". :)
> "National Vulnerability Database The NVD is currently offline for scheduled maintenance.
> Please check back again shortly. We apologize for the inconvenience.
> Please direct any questions to nvd@nist.gov. Thank you."
Perfect timing for hn Frontpage. Alt link: https://tomcat.apache.org/security-7.html
Interestingly, I think NVD.nist.gov just changed their HTML-generating template since this HN URL was posted.
They did. The page looks much different now than it did earlier.
CC: Equifax