Thursday, April 18, 2024

13-year-old Ghostcat Bug Affected Apache-Tomcat Let Hackers Remotely Inject Any Files in The Servers

By Balaji

13-year-old Ghostcat Bug Affected Apache-Tomcat Let Hackers Remotely Inject Any Files in The Servers

Ghostcat, 13-Year old severe file inclusion vulnerability affected Apache-Tomcat server allows hackers to read or include any files in the web app directories of Tomcat remotely.

Tomcat is one of the most popular Java middleware servers that used to deploy Java Servlets and JSPs, also it provides a “pure Java” HTTP web server environment in which Java code can run.

Critical Ghostcat Vulnerability initially discovered by a researcher from Chaitin Tech and the bug is specifically existing in the Tomcat AJP protocol.

AJP protocol is a binary protocol that can proxy inbound requests from a web server through to an application server that sits behind the webserver.

The vulnerability can be tracked as CVE-2020-1938 and it affected all versions of Tomcat 9/8/7/6.

Affected Tomcat version:

  • Apache Tomcat 9.x < 9.0.31
  • Apache Tomcat 8.x < 8.5.51
  • Apache Tomcat 7.x < 7.0.100
  • Apache Tomcat 6.x

Ghostcat is a high-risk file read/include vulnerability in Tomcat, and it allows an attacker to execute malicious code on the target host by exploiting file inclusion flaw.

In other words, Ghostcat vulnerability allows an attacker to read the configuration files and source code files of all webapps that deployed in Tomcat, and if the web app allows a file upload due to this severe flaw, the attacker is also able to upload any files to the server.

It also lets attackers upload any malicious Java Server Pages (JSP) that enable remote code execution on the server.

According to the Researcher from Chaitin Tech, Under the following circumstances can Tomcat be exploited.

=>  If the AJP Connector is enabled and the attacker can access the 
      AJP Connector service port, there is a risk of be exploited by 
      the Ghostcat vulnerability. 
=> It should be noted that Tomcat AJP Connector is enabled by default 
      and listens at 0.0.0.0:8009.

Chaitin Tech reported this severe vulnerability to Apache Tomcat official on 2020/01/03 and the Apache Tomcat fixed the bug and released 9.0.31 and 8.5.51 version.

You can read the Ghostcat vulnerability patch notice from Apache for Tomcat 7.xTomcat 8.x, and Tomcat 9.x 

You can also Utilize xray vulnerability scanner from Chaitin Tech to detect Ghostcat Vulnerability.

Also Read: Most Important Web Server Penetration Testing Checklist

Follow us on Twitter, Linkedin, Facebook for Daily cyber security & hacking news updates.

Managed WAF Protection

Website

Latest articles

Vulnerability

Palo Alto ZeroDay Exploited in The Wild Following PoC Release

Palo Alto Networks has disclosed a critical vulnerability within its PAN-OS operating system, identified...
Cyber Attack

FIN7 Hackers Attacking IT Employees Of Automotive Industry

IT employees in the automotive industry are often targeted by hackers because they have...
Cyber Attack

Russian APT44 – The Most Notorious Cyber Sabotage Group Globally

As Russia's invasion of Ukraine enters its third year, the formidable Sandworm (aka FROZENBARENTS,...
Android

SoumniBot Exploiting Android Manifest Flaws to Evade Detection

A new banker, SoumniBot, has recently been identified. It targets Korean users and is...
cyber security

LeSlipFrancais Data Breach: Customers’ Personal Information Exposed

LeSlipFrancais, the renowned French underwear brand, has confirmed a data breach impacting its customer...
Cisco

Cisco Hypershield: AI-Powered Hyper-Distributed Security for Data Center

Cisco has unveiled its latest innovation, Cisco Hypershield, marking a milestone in cybersecurity.This groundbreaking...
Cyber Crime

Phishing-as-a-Service Platform LabHost Seized by Authorities

Authorities have dismantled LabHost, a notorious cybercrime platform that facilitated widespread phishing attacks across...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

WAAP/WAF ROI Analysis

Mastering WAAP/WAF ROI Analysis

As the importance of compliance and safeguarding critical websites and APIs grows, Web Application and API Protection (WAAP) solutions play an integral role.
Key takeaways include:

  • Pricing models
  • Cost Estimation
  • ROI Calculation

    • Book Your Spot

Related Articles

Connect with GBHackers On Security

Join 70,000 Security Professionals

Stay safe online with free daily cybersecurity updates. Sign up now!

GBHackers on security is a highly informative and reliable Cyber Security News platform that provides the latest and most relevant updates on Cyber Security News, Hacking News, Technology advancements, and Kali Linux tutorials on a daily basis. The platform is dedicated to keeping the community well-informed and up-to-date with the constantly evolving Cyber World.

Menu

Contact US:

Email : [email protected]