Name | CVE-2016-1181 |
Description | ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart request, a related issue to CVE-2015-0899. |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
The information below is based on the following data on fixed versions.
Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
---|
libstruts1.2-java | source | (unstable) | (unfixed) | | | |
Notes
[wheezy] - libstruts1.2-java <no-dsa> (basically fixed in CVE-2015-0899)
https://jvn.jp/en/jp/JVN03188560/
Two conditions must be met to exploit this vulnerability
condition one is already fixed in CVE-2015-0899, so everything is fine
condition two can be fixed by the following patch:
https://github.com/kawasima/struts1-forever/commit/eda3a79907ed8fcb0387a0496d0cb14332f250e8
but as this completely deactivates multipart requests, this should not be generally applied