Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score: 5.0
CVE Id: CVE-2008-6504
Last Modified: 28 Jul 2015 11:19:54
Published: 23 Mar 2009 10:19:12
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE

CVE-2008-6504

Summary

ParametersInterceptor in OpenSymphony XWork 2.0.x before 2.0.6 and 2.1.x before 2.1.2, as used in Apache Struts and other products, does not properly restrict # (pound sign) references to context objects, which allows remote attackers to execute Object-Graph Navigation Language (OGNL) statements and modify server-side context objects, as demonstrated by use of a \u0023 representation for the # character.

Vulnerable Systems

Application

  • Apache Struts
  • Apache Struts 2.0.0
  • Apache Struts 2.0.2
  • Apache Struts 2.0.3
  • Apache Struts 2.0.4
  • Apache Struts 2.0.5
  • Apache Struts 2.0.6
  • Apache Struts 2.0.7
  • Apache Struts 2.0.8
  • Apache Struts 2.0.9
  • Apache Struts 2.0.11
  • Apache Struts 2.0.11.1
  • Apache Struts 2.0.11.2
  • OpenSymphony XWork 2.0.0
  • OpenSymphony XWork 2.0.1
  • OpenSymphony XWork 2.0.2
  • OpenSymphony XWork 2.0.3
  • OpenSymphony XWork 2.0.4
  • OpenSymphony XWork 2.0.5
  • OpenSymphony XWork 2.1.0
  • OpenSymphony XWork 2.1.1


References

CONFIRM - http://fisheye6.atlassian.com/cru/CR-9/
XF - xwork-parameterinterceptor-security-bypass(46328)
VUPEN - ADV-2008-3004
VUPEN - ADV-2008-3003
BID - 32101
CONFIRM - http://struts.apache.org/2.x/docs/s2-003.html
SECUNIA - 32497
SECUNIA - 32495
OSVDB - 49732
CONFIRM - http://jira.opensymphony.com/browse/XW-641
CONFIRM - http://issues.apache.org/struts/browse/WW-2692


Last Updated: 27 May 2016 11:09:26