关联漏洞
标题:
Apache OFBiz 代码问题漏洞
(CVE-2022-29063)
描述:Apache OFBiz是美国阿帕奇(Apache)基金会的一套企业资源计划(ERP)系统。该系统提供了一整套基于Java的Web应用程序组件和工具。 Apache OFBiz Solr plugin 18.12.05 及之前版本存在安全漏洞,该漏洞源于默认配置在localhost的1099端口上自动发出RMI请求,通过在localhost上托管一个恶意的RMI服务器,攻击者可以在服务器启动或服务器重启时利用这一行为,从而运行任意代码。
描述
CVE-2022-29063: Java Deserialization via RMI Connection in Apache OfBiz
介绍
# CVE-2022-29063: Java Deserialization via RMI Connection in Apache OfBiz
The OfBiz Solr plugin is configured by default to automatically make a RMI request on localhost, port 1099.
By hosting a malicious RMI server on localhost, an attacker may exploit this behavior, at server start-up or on a server restart, in order to run arbitrary code as the user that started OfBiz and potentially elevate his/her privileges.
### Vendor Disclosure:
The vendor's disclosure and fix for this vulnerability can be found [here](https://issues.apache.org/jira/browse/OFBIZ-12646).
### Requirements:
This vulnerability requires:
<br/>
- Run a malicious RMI server on localhost:1099
- Wait for Apache OfBiz application to start/restart
### Proof Of Concept:
More details and the exploitation process can be found in this [PDF](https://github.com/mbadanoiu/CVE-2022-29063/blob/main/Apache%20OfBiz%20-%20CVE-2022-29063.pdf).
文件快照
[4.0K] /data/pocs/260de61b9c3a3dba0b8853316263f03f7a1ffa2a
├── [704K] Apache OfBiz - CVE-2022-29063.pdf
└── [ 915] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。