288 matches found
CVE-2019-0231 Apache MINA SSLFilter security Issue
Handling of the closenotify SSL/TLS message does not lead to a connection closure, leading the server to retain the socket opened and to have the client potentially receive clear text messages afterward. Mitigation: 2.0.20 users should migrate to 2.0.21, 2.1.0 users should migrate to 2.1.1. This...
CVE-2019-0231
Handling of the closenotify SSL/TLS message does not lead to a connection closure, leading the server to retain the socket opened and to have the client potentially receive clear text messages afterward. Mitigation: 2.0.20 users should migrate to 2.0.21, 2.1.0 users should migrate to 2.1.1. This...
Apache MINA CVE-2019-0231 Information Disclosure Vulnerability
Description Apache MINA is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. Technologies Affected Apache MINA 1.0 Apache MINA 2.0.20 Apache MINA 2.1.0 Redhat Gluster Storage 3.0 Redhat...
PT-2019-11202
Name of the Vulnerable Software and Affected Versions: Apache MINA versions prior to 2.0.21 Apache MINA versions 2.1.0 Description: The issue arises from the handling of the close notify SSL/TLS message, which does not result in a connection closure. As a consequence, the server retains the opene...
Apache Mina 2.0.13 - Remote Command Execution
Apache Mina 2.0.13 - Remote Command Execution. Webapps exploit for Java platform Apache Mina 2.0.13 - Remote Command Execution Abstract Apache Mina 2.0.13 uses the OGNL library in the “IoSessionFinder” class. Its constructor takes into parameter one OGNL expression. Then this expression is execut...
Apache Mina 2.0.13 - Remote Command Execution Exploit
Exploit for multiple platform in category remote exploits Source: https://remoteawesomethoughts.blogspot.com/2016/09/apache-mina-2013-remote-command.html Apache Mina 2.0.13 uses the OGNL library in the “IoSessionFinder” class. Its constructor takes into parameter one OGNL expression. Then this...
Apache Mina 2.0.13 - Remote Command Execution
Apache Mina 2.0.13 - Remote Command Execution Source: https://remoteawesomethoughts.blogspot.com/2016/09/apache-mina-2013-remote-command.html Apache Mina 2.0.13 uses the OGNL library in the “IoSessionFinder” class. Its constructor takes into parameter one OGNL expression. Then this expression is...
Apache Mina 2.0.13 - Remote Command Execution
Source: https://remoteawesomethoughts.blogspot.com/2016/09/apache-mina-2013-remote-command.html Apache Mina 2.0.13 uses the OGNL library in the “IoSessionFinder” class. Its constructor takes into parameter one OGNL expression. Then this expression is executed when the method “find” is called. Thi...