CVE-2010-1870
Published: 17 August 2010
The OGNL extensive expression evaluation capability in XWork in Struts 2.0.0 through 2.1.8.1, as used in Atlassian Fisheye, Crucible, and possibly other products, uses a permissive whitelist, which allows remote attackers to modify server-side context objects and bypass the "#" protection mechanism in ParameterInterceptors via the (1) #context, (2) #_memberAccess, (3) #root, (4) #this, (5) #_typeResolver, (6) #_classResolver, (7) #_traceEvaluations, (8) #_lastEvaluation, (9) #_keepLastEvaluation, and possibly other OGNL context variables, a different vulnerability than CVE-2008-6504.
From the Ubuntu Security Team
sbeattie> we do not have struts2 in the archive (yet)
Priority
Status
| Package | Release | Status |
|---|---|---|
|
libstruts1.2-java Launchpad, Ubuntu, Debian |
dapper |
Not vulnerable
(1.2.9-1ubuntu1)
|
| hardy |
Not vulnerable
(1.2.9-3)
|
|
| jaunty |
Not vulnerable
(1.2.9-3)
|
|
| karmic |
Not vulnerable
(1.2.9-3)
|
|
| lucid |
Not vulnerable
(1.2.9-3.1)
|
|
| upstream |
Released
(2.2.1)
|