List: oss-security
Subject: [oss-security] Fwd: CVE-2015-0249: Apache Roller allows admin users to execute arbitrary Java code
From: Dave <snoopdave () gmail ! com>
Date: 2015-03-30 20:11:33
Message-ID: CAF1aazCpJPNS42M5+8gAmyBQbcMBFcRe4g_e7O6U+rG8SjM6LA () mail ! gmail ! com
---------- Forwarded message ----------
From: Dave <snoopdave@gmail.com>
Date: Tue, Mar 24, 2015 at 7:22 PM
Subject: CVE-2015-0249: Apache Roller allows admin users to execute arbitrary Java code
To: "dev@roller.apache.org" <dev@roller.apache.org>, user@roller.apache.org
Severity: Important
Vendor:
The Apache Software Foundation
Versions Affected:
Roller 5.1.1
Roller 5.1
The unsupported pre-Roller 5.1 versions may also be affected
Description:
A Roller user with Admin-level access to a weblog can edit a weblog page template and use special Velocity syntax to execute Java code on the server.
Mitigation:
There are several ways you can fix this vulnerability:
1) Upgrade to the latest version of Roller, which is now 5.1.2.
2) Or, add the following line to Roller's velocity.properties file:
runtime.introspector.uberspect=org.apache.velocity.util.introspection.SecureUberspector
3) Or, disable template editing on your Roller system by un-checking the Allow Custom Themes setting in the Server Admin -> Configuration page, Theme Settings section.
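The following is an added example, not code from Roller or from the Velocity project, showing what the velocity.properties line in mitigation 2 actually changes: it builds two VelocityEngine instances, one with the default uberspector and one with SecureUberspector, and checks whether a template is allowed to call getClass() on a context object. It assumes Velocity 1.7 (the engine Roller 5.1 ships with) is on the classpath; the class and method names in it are the example's own.

```java
import java.io.StringWriter;
import java.util.Properties;

import org.apache.velocity.VelocityContext;
import org.apache.velocity.app.VelocityEngine;
import org.apache.velocity.runtime.RuntimeConstants;

/**
 * Added example (not Roller's or Velocity's code): verifies that a VelocityEngine
 * configured with SecureUberspector refuses reflective access from templates.
 */
public class SecureUberspectorCheck {

    // Same key/value pair the advisory tells you to put in velocity.properties.
    // RuntimeConstants.UBERSPECT_CLASSNAME is the constant for "runtime.introspector.uberspect".
    static final String SECURE_UBERSPECTOR =
        "org.apache.velocity.util.introspection.SecureUberspector";

    /** Builds an engine from in-memory properties (constructed here, not read from Roller's config). */
    static VelocityEngine engine(Properties props) {
        VelocityEngine ve = new VelocityEngine();
        ve.init(props);
        return ve;
    }

    /**
     * Renders a template that asks a plain String for its class name.
     * Default uberspector: the method resolves and the output contains "java.lang.String".
     * SecureUberspector: getClass() is refused, the reference stays unresolved, and
     * Velocity writes the reference text back out instead of the class name.
     */
    static String render(VelocityEngine ve) throws Exception {
        VelocityContext ctx = new VelocityContext();
        ctx.put("s", "hello");
        StringWriter out = new StringWriter();
        ve.evaluate(ctx, out, "secure-uberspector-check", "$s.getClass().getName()");
        return out.toString();
    }

    /** True when templates cannot reach getClass(), i.e. the mitigation is in effect. */
    static boolean reflectionBlocked(VelocityEngine ve) throws Exception {
        return !render(ve).contains("java.lang.String");
    }

    public static void main(String[] args) throws Exception {
        Properties unhardened = new Properties();
        Properties hardened = new Properties();
        hardened.setProperty(RuntimeConstants.UBERSPECT_CLASSNAME, SECURE_UBERSPECTOR);

        System.out.println("default uberspector blocks getClass(): "
            + reflectionBlocked(engine(unhardened)));
        System.out.println("SecureUberspector blocks getClass():    "
            + reflectionBlocked(engine(hardened)));
    }
}
```

Running this against an engine built from your deployed velocity.properties (load the file into the Properties object instead of the in-memory one above) is a quick way to confirm that mitigation 2 has taken effect after a restart. Mitigation 1 is still the preferred fix, since the upgrade ships this setting by default.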
Credit:
This issue was discovered by Gregory Draperi.