GlassFish arbitrary file read vulnerability tracking report-bug warning-the black bar safety net

ID MYHACK58:62201671093
Type myhack58
Reporter Anonymous
Modified 2016-01-17T00:00:00


GlassFish is a server for building Java EE application service components. In October 2015 a generic arbitrary file read vulnerability in it was disclosed. Using this vulnerability, an attacker can read arbitrary files on the server. Upon learning of the vulnerability, the Cloud Shield security team promptly notified affected Alibaba Cloud users. Users can download the update from the official GlassFish website to fix the issue, or purchase the "Server Secure Hosting" service and authorize Alibaba Cloud's Cloud Shield engineers to handle it.

0x01 Trend tracking

According to the data captured by our globally deployed honeypots, attacks against GlassFish have never stopped; after the POC was published on January 14 the attacks reached their peak. The figure below shows the attack trend captured by the honeypots over the most recent two weeks.

Extracting the IPs that performed network-wide mass scanning for GlassFish within one day, the TOP15 IPs are as follows:

The first-ranked IP, located in Amsterdam, Netherlands, is actually a server of a domestic security vendor; the second-ranked, in the United States, is the Shodan search engine. Next we used our data system to profile the attack source IPs in bulk; the results are as follows: domestic IPs are the majority, both Linux and Windows operating systems are present, the servers are located in data centers, and some are identified as corporate private-network egress points.

Extracting one IP for a detailed profile:

0x02 Impact assessment

According to the results of our data system, a total of 2093 domestic IPs run GlassFish after deduplication. Although GlassFish's default port is 4848, most users expose this service on ports 80 and 8080.

The distribution by domestic province is as follows:

0x03 Repair suggestions

1. The vendor has released an update to fix this issue; download address: