BeanShell Remote Server Mode Arbitrary Code Execution

critical Nessus Plugin ID 58975

Synopsis

A shell is listening on the remote host.

Description

The remote host is running a BeanShell interpreter in remote server mode. This allows network clients to connect to the interpreter and execute BeanShell commands and arbitrary Java code. A remote, unauthenticated attacker could exploit this to execute arbitrary code.

Solution

Filter incoming traffic to this port or disable this service.

See Also

http://www.beanshell.org/manual/remotemode.html

Plugin Details

Severity: Critical

ID: 58975

File Name: beanshell_code_execution.nasl

Version: Revision: 1.2

Type: remote

Published: 5/3/2012

Updated: 2/3/2017

Dependencies: find_service1.nasl

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:2.3:a:beanshell_project:beanshell:*:*:*:*:*:*:*:*