Executive Summary

Informations
Name CVE-2010-1870 First vendor Publication 2010-08-17
Vendor Cve Last vendor Modification 2011-09-21

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:P/A:N)
Cvss Base Score 5 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The OGNL extensive expression evaluation capability in XWork in Struts 2.0.0 through 2.1.8.1, as used in Atlassian Fisheye, Crucible, and possibly other products, uses a permissive whitelist, which allows remote attackers to modify server-side context objects and bypass the "#" protection mechanism in ParameterInterceptors via the (1) #context, (2) #_memberAccess, (3) #root, (4) #this, (5) #_typeResolver, (6) #_classResolver, (7) #_traceEvaluations, (8) #_lastEvaluation, (9) #_keepLastEvaluation, and possibly other OGNL context variables, a different vulnerability than CVE-2008-6504.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1870

CPE : Common Platform Enumeration

TypeDescriptionCount
Application26

SAINT Exploits

DescriptionLink
Apache Struts2 XWork ParameterInterceptor security bypassMore info here

ExploitDB Exploits

idDescription
2010-07-14Struts2/XWork < 2.2.0 Remote Command Execution Vulnerability

OpenVAS Exploits

DateDescription
2010-12-21Name : Apache Struts2/XWork Remote Command Execution Vulnerability
File : nvt/gb_apache_struts_xwork_cmd_exec_vuln.nasl
2010-09-10Name : Struts Remote Command Execution Vulnerability
File : nvt/gb_apache_struts_remote_cmd_exec_vuln.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
66280Struts XWork ParameterInterceptor Server-Side Object Remote Code Execution

Snort® IPS/IDS

DateDescription
2014-01-10Apache Struts OGNL parameter interception bypass command execution attempt
RuleID : 18931 - Revision : 4 - Type : SERVER-APACHE

Metasploit Database

idDescription
2010-07-13 Apache Struts Remote Command Execution

Nessus® Vulnerability Scanner

DateDescription
2010-07-29Name : A remote web application uses a framework that has a code execution vulnerabi...
File : struts_xwork_ognl_code_execution_safe.nasl - Type : ACT_ATTACK

Internal Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/41592
CONFIRM http://confluence.atlassian.com/display/FISHEYE/FishEye+Security+Advisory+201...
http://struts.apache.org/2.2.1/docs/s2-005.html
EXPLOIT-DB http://www.exploit-db.com/exploits/14360
FULLDISC http://seclists.org/fulldisclosure/2010/Jul/183
MISC http://blog.o0o.nu/2010/07/cve-2010-1870-struts2xwork-remote.html
OSVDB http://www.osvdb.org/66280
SREASON http://securityreason.com/securityalert/8345

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2014-02-17 10:55:30
  • Multiple Updates
2014-01-19 21:26:51
  • Multiple Updates
2013-05-10 23:25:08
  • Multiple Updates