SalvusAlert : Apache Struts Remote command execution vulnerability

January 24, 2012 By
Summary:Very urgent update for Apache Struts
Salvus Alerting
Information At A Glance
Source
Version/Dependency
Developer
Severity
apache.org
Struts 2.0.0 – Struts 2.3.1.1
apache.org
CRITICAL
  • Summary
Apache Struts contains a serious vulnerability that allows remote command execution
  • Fix
Apache Recommends that ALL Struts developers update immediately to 2.3.1.2 Please see source for full information
  • Source
http://struts.apache.org/2.x/docs/s2-009.html Reported by Meder Kydyraliev, Google Security Team.

$4.95 Domains (1-year term only) at Network Solutions®!

NEW Customers Only – Use code: NCDISC01AF. Start Now!

 ESET NOD32 Antivirus - Save 25% - Download Now
Disclaimer: Salvus Alerting provides timely industry related information to its subscriber community and visitors for informational purposes only and makes every effort to distribute accurate and reliable information. Any information provided, is considered “as-is” and the subscriber and/or visitor assumes all responsibility for its uses. Salvus Alerting disclaims all warranties with regard to the information being provided, including all implied warranties of merchantability and fitness. In no event shall Salvus Alerting be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other legal action, arising out of or in connection with the use or performance of this information being provided. Salvus Systems and Salvus Alerting is a wholly owned and operated by FactNgN, LLC.
 
Filed Under: General, Latest SalvusAlerts, Struts