latest Apache struts security issue

Forum Moderators: phranque

Message Too Old, No Replies

latest Apache struts security issue

fuzzy17

2:48 pm on Mar 9, 2017 (gmt 0)

We don't run Snort, so is there a way to block cmd.exe in a header with Apache 2.2 (I know we are on IBM HTTP Server, which is based on 2.2)?

[isc.sans.edu...]

fuzzy17

1:40 pm on Mar 28, 2017 (gmt 0)

Well,I think

RewriteCond "%{Content-Type}" "*.cmd.*"
RewriteRule .* - [F]

engine

2:24 pm on Mar 28, 2017 (gmt 0)

Was it this one? [webmasterworld.com...]

phranque

11:32 pm on Mar 29, 2017 (gmt 0)

Was it this one?

yes, that's the same exploit.

there are additional solutions/workarounds mentioned in the apache.org article referenced in that other thread.