If your web server is running on Apache Tomcat, you should immediately install the latest available version of the server application to prevent hackers from taking unauthorized control over it.
Yes, that's possible because all versions (9.x/8.x/7.x/6.x) of the Apache Tomcat released in the past 13 years have been found vulnerable to a new high-severity (CVSS 9.8) 'file read and inclusion bug'
Posted in Apache, Apache exploit, Apache Tomcat, hacking news, local file inclusion, remote code execution, remote file inclusion, server security, server vulnerability, Tomcat Server | Comments (0)
The Apache Software Foundation (ASF) has released new versions of its Tomcat application server to address an important security vulnerability that could allow a remote attacker to execute malicious code and take control of an affected server.
Developed by ASF, Apache Tomcat is an open source web server and servlet system, which uses several Java EE specifications such as Java Servlet,
Posted in Apache, Apache exploit, Apache Server, Apache Tomcat, cyber security, hacking news, server security, Vulnerability | Comments (0)
Mark J Cox, one of the founding members of the Apache Software Foundation and the OpenSSL project, today posted a tweet warning users about a recently discovered important flaw in Apache HTTP Server software.
The Apache web server is one of the most popular, widely used open-source web servers in the world that powers almost 40 percent of the whole Internet.
The vulnerability, identified as
Posted in Apache, Apache web server, fast web server, hacking web server, privilege escalation, shared web hosting, Vulnerability, web hosting, web server hacking, web server security | Comments (0)
Officially it’s CVE-2017-5638, but in practice it’s “the bug in Apache Struts you really should have patched by now”. Here’s why…
Posted in Apache, CVE-2017-5638, Exploit, rce, struts, Vulnerability | Comments (0)
Last year Google employees took an initiative to help thousands of Open Source Projects patch a critical remote code execution vulnerability in a widely used Apache Commons Collections (ACC) library.
Dubbed Operation Rosehub, the initiative was volunteered by some 50 Google employees, who utilized 20 percent of their work time to patch over 2600 open source projects on Github, those were
Posted in Apache, Google Security, hacking news, java Vulnerability, Mad Gadget vulnerability, Open Source, ransomware attack, Vulnerability | Comments (0)
It’s all too easy to get the configuration of a website wrong and leave the door open for anyone to see private files
Posted in Apache, htaccess, Technologies, Vulnerability | Comments (0)