CVE-2017-12617 exploit Apache Tomcat (remote code execution)

[StLuis DF Member Posts:70 Threads:55 Reputation 0]

Apache Tomcat is the most widely used web application server, with over one million downloads per month and over 70% penetration in the enterprise data center.

On Tuesday, the Apache Tomcat development team publicly disclosed the presence of a remote code execution vulnerability, tracked as CVE-2017-12617, affecting the popular web application server. The Tomcat versions 9.x, 8.5.x, 8.0.x and 7.0.x are affected by the flaw.
The vulnerability classified as “important” severity, has been fixed in the versions 9.0.1, 8.5.23, 8.0.47 and 7.0.82.

[lolis DF Member Posts:11 Threads:2 Reputation 0]

Apache Tomcat is the most widely used web application server, with over one million downloads per month and over 70% penetration in the enterprise data center.

On Tuesday, the Apache Tomcat development team publicly disclosed the presence of a remote code execution vulnerability, tracked as CVE-2017-12617, affecting the popular web application server. The Tomcat versions 9.x, 8.5.x, 8.0.x and 7.0.x are affected by the flaw.
The vulnerability classified as “important” severity, has been fixed in the versions 9.0.1, 8.5.23, 8.0.47 and 7.0.82.

Remote execution code:
https://www.peew.pw/blog/2017/10/9/new-vulnerability-same-old-tomcat-cve-2017-12615

GitHuB:
https://github.com/cyberheartmi9/CVE-2017-12617

nice