In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-03-31 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >
Share
Shulou(Shulou.com)05/31 Report--
Today, I will talk to you about how to carry out the early warning of the Spring Cloud Config directory traversal vulnerability CVE-2019-3799, which may not be well understood by many people. In order to make you understand better, the editor has summarized the following contents for you. I hope you can get something according to this article.
Spring product introduction
Spring is a hierarchical application framework for Java/Java EE/.NET. It is an open source framework of multi-tier J2EE system based on IOC and AOP. It has a good modularization and elegant implementation of MVC, and provides a unified interface for different data access technologies. In addition, the IOC used in it can easily realize the assembly of Bean, and the AOP provided is simple and easy to use, based on which Transaction Management and other functions are realized. Spring provides an easy way to develop, which avoids a large number of property files and helper classes that may cause the underlying code to become cluttered. Currently, the use of this framework is very active. Spring Data is a project module that provides underlying data access in the Spring framework, and Spring Data Commons is a common basic module.
Loophole analysis
CVE-2019-3799 vulnerability principle: because the spring-cloud-config-server module does not impose security restrictions on incoming paths, attackers can use multiple..% 252f for directory traversal to view sensitive files in other paths of the server, resulting in sensitive information disclosure.
The official fixes are as follows:
Through patch comparison, it is found that the isInvalidEncodedPath method has been added to the latest official version to judge the incoming url. If there is a%, the incoming url will be decoded by url. Prevents attackers from bypassing the detection of.. / through url encoding.
The newly added isInvalidPath method detects keywords in url and triggers warning if there is a WEB-INF,META-INF,..,../,.
Loophole recurrence
Download a vulnerable Spring Cloud Config at the following address:
Https://github.com/spring-cloud/spring-cloud-config
After starting the environment, input / test/pathtraversal/master/..%252f..%252f..%252f..%252f../etc/passwd using the get method to read the information of the passwd file under linux.
Scope of influence
At present, according to statistics, there are more than 50, 000 Spring servers open to the Internet worldwide, of which more than 28000 are affected in China.
Currently affected Spring Cloud Config versions:
Spring Cloud Config 2.1.0 to 2.1.1
Spring Cloud Config 2.0.0 to 2.0.3
Spring Cloud Config 1.4.0 to 1.4.5
Repair suggestion
The latest official version of Spring has fixed the Spring Cloud Config directory traversal vulnerability, download address: https://github.com/spring-cloud/spring-cloud-config/releases
After reading the above, do you have any further understanding of how to conduct Spring Cloud Config directory traversal vulnerability CVE-2019-3799 early warning? If you want to know more knowledge or related content, please follow the industry information channel, thank you for your support.
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.