This servlet supports the execution of external applications that conform to the CGI specification. The CGI Servlet is one of the servlets provided as default. In Apache Tomcat, the file web.xml is used to define default values for all web applications loaded into a Tomcat instance. However, Tomcat servers running on Windows machines that have the CGI Servlet parameter enableCmdLineArguments enabled are vulnerable to remote code execution due to a bug in how the Java Runtime Environment (JRE) passes command line arguments to Windows. The CGI Servlet, which is disabled by default, is used to generate command line parameters generated from a query string. These applications, called CGI scripts, are used to execute programs external to the Tomcat Java virtual machine (JVM).
The CGI is a protocol that is used to manage how web servers interact with applications. This blog entry delves deeper into this vulnerability by expounding on what it is, how it can be exploited, and how it can be addressed. This high severity vulnerability could allow attackers to execute arbitrary commands by abusing an operating system command injection brought about by a Tomcat CGI Servlet input validation error. On April 15, Nightwatch Cybersecurity published information on CVE-2019-0232, a remote code execution (RCE) vulnerability involving Apache Tomcat’s Common Gateway Interface (CGI) Servlet. It implements several Java EE specifications, including Java Servlet, JavaServer Pages (JSP), Java Expression Language (EL), and WebSocket, and provides a "pure Java" HTTP web server environment in which Java code can run. Apache Tomcat, colloquially known as Tomcat Server, is an open-source Java Servlet container developed by a community with the support of the Apache Software Foundation (ASF).
0 kommentar(er)
