Welcome to WebmasterWorld Guest from 54.144.60.73

Forum Moderators: Ocean10000 & incrediBILL & phranque

Apache Struts: Possible Remote Code Execution

     
6:00 pm on Mar 20, 2017 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:24072
votes: 499


Time to update to Apache Struts V 2.3.32 or 2.5.10.1 to avoid a remote code execution attack.

Solution

If you are using Jakarta based file upload Multipart parser, upgrade to Apache Struts version 2.3.32 or 2.5.10.1. You can also switch to a different implementation of the Multipart parser. Apache Struts: Possible Remote Code Execution [cwiki.apache.org]
11:36 pm on Mar 29, 2017 (gmt 0)

Administrator

WebmasterWorld Administrator phranque is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Aug 10, 2004
posts:10811
votes: 53


discussion of a specific site's solutions/workarounds in this thread in the Apache Web Server forum:
latest Apache struts security issue [webmasterworld.com]
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members