One Article Review
| Source |  Network World |
|---|---|
| Identifiant | 354461 |
| Date de publication | 2017-04-06 13:43:55 (vue: 2017-04-06 13:43:55) |
| Titre | Apache Struts 2 exploit used to install ransomware on servers |
| Texte | Attackers are exploiting a vulnerability patched last month in the Apache Struts web development framework to install ransomware on servers.The SANS Internet Storm Center issued an alert Thursday, saying an attack campaign is compromising Windows servers through a vulnerability tracked as CVE-2017-5638.The flaw is located in the Jakarta Multipart parser in Apache Struts 2 and allows attackers to execute system commands with the privileges of the user running the web server process.This vulnerability was patched on March 6 in Struts versions 2.3.32 and 2.5.10.1. Attackers started exploiting the flaw almost immediately, leaving very little time for server administrators to deploy the update.To read this article in full or to leave a comment, please click here |
| Envoyé | Oui |
| Condensat | 2017 5638 administrators alert allows almost apache are article attack attackers campaign center click commands comment compromising cve deploy development execute exploit exploiting flaw framework full here immediately install internet issued jakarta last leave leaving little located march month multipart parser patched please privileges process ransomware read running sans saying server servers started storm struts system through thursday time tracked update used user versions very vulnerability web windows |
| Tags | |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.