From: Dave <snoopdave-Re5JQEeQqe8AvxtiuMwx3w <at> public.gmane.org>
Subject: Fwd: CVE-2015-0249: Apache Roller allows admin users to execute arbitrary Java code
Newsgroups: gmane.comp.security.oss.general
Date: Monday 30th March 2015 20:11:33 UTC (over 2 years ago)
---------- Forwarded message ----------
From: Dave 
Date: Tue, Mar 24, 2015 at 7:22 PM
Subject: CVE-2015-0249: Apache Roller allows admin users to execute arbitrary Java code
To: "dev-LtahBqx39e9d/SJB6HiN2Ni2O/[email protected]", user-LtahBqx39e9d/SJB6HiN2Ni2O/[email protected]


Severity: Important

Vendor:
   The Apache Software Foundation

Versions Affected:
   Roller 5.1.1
   Roller 5.1
   The unsupported pre-Roller 5.1 versions may also be affected

Description:

   A Roller user with Admin-level access to a weblog can edit a weblog
   page template and use special Velocity syntax to execute Java code on
   the server.

Mitigation:

   There are several ways you can fix this vulnerability:

   1) Upgrade to the latest version of Roller, which is now 5.1.2.

   2) Or, add the following line to Roller's velocity.properties file:

      runtime.introspector.uberspect=org.apache.velocity.util.introspection.SecureUberspector

   3) Or, disable template editing on your Roller system by un-checking
      the Allow Custom Themes setting in the Server Admin -> Configuration
      page, Theme Settings section.
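
   As an added example (not part of this advisory, and not Roller's or
   Velocity's own code), the stand-alone Java program below shows what
   the velocity.properties line in mitigation 2) does at the API level
   and gives an operator a way to confirm the setting is in effect: with
   SecureUberspector configured, a template's attempt to reach getClass()
   on a context object is refused, so a page template cannot use that
   method as a stepping stone to arbitrary classes. It assumes Velocity
   1.7 on the classpath; the class name, context variable and template
   strings are constructed for the check.

```java
import java.io.StringWriter;
import org.apache.velocity.VelocityContext;
import org.apache.velocity.app.VelocityEngine;

public class SecureUberspectCheck {

    // Build an engine with or without the hardening from the advisory.
    static VelocityEngine engine(boolean secure) throws Exception {
        VelocityEngine ve = new VelocityEngine();
        if (secure) {
            // Same key and value the advisory says to add to velocity.properties.
            ve.setProperty("runtime.introspector.uberspect",
                    "org.apache.velocity.util.introspection.SecureUberspector");
        }
        ve.init();
        return ve;
    }

    // Render one template string against a context holding a single
    // ordinary variable, as a weblog page template would see it.
    static String render(VelocityEngine ve, String template) throws Exception {
        VelocityContext ctx = new VelocityContext();
        ctx.put("title", "Hello from a weblog page");   // constructed sample value
        StringWriter out = new StringWriter();
        ve.evaluate(ctx, out, "secure-uberspect-check", template);
        return out.toString();
    }

    public static void main(String[] args) throws Exception {
        String normal = "$title";              // legitimate template usage
        String probe  = "$title.class.name";   // reflective introspection a template should not get

        for (boolean secure : new boolean[] {false, true}) {
            VelocityEngine ve = engine(secure);
            String label = secure ? "SecureUberspector" : "default uberspector";
            System.out.println(label + " | normal: " + render(ve, normal));
            System.out.println(label + " | probe : " + render(ve, probe));
        }
    }
}
```

   The normal reference renders identically in both runs; the probe
   resolves only under the default uberspector, while SecureUberspector
   refuses the getClass() call, logs a security-restriction warning and
   leaves the reference unresolved in the output.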

Credit:

   This issue was discovered by Gregory Draperi.