Apache Struts 1 ClassLoader Manipulation

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Synopsis :

The remote web server contains a web application that uses a Java
framework that is affected by a ClassLoader manipulation

Description :

The remote web application appears to use Struts 1, a web application
framework. The version of Struts 1 in use contains a flaw that could
allow for the manipulation of the ClassLoader via the 'class'
parameter of an ActionForm object that could allow for a denial of
service attack.

Note that this vulnerability may be exploited to execute arbitrary
remote code in certain application servers with specific
however, Nessus has not tested for this issue.

Additionally, note that this plugin will only report the first
vulnerable instance of a Struts 1 application.

See also :


Solution :

Unknown at this time. Note that Struts 1 has reached end-of-life and
is no longer supported.

Risk factor :

High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.5
Public Exploit Available : true

Family: Denial of Service

Nessus Plugin ID: 73919 ()

Bugtraq ID: 67121

CVE ID: CVE-2014-0114