[CVE-2017-11610] RCE vulnerability report #964
This is the original report sent by Maor Shwartz:
CVE-2017-11610

Overview
This vulnerability can only be exploited by an authenticated client or if

Affected Versions
This vulnerability has existed in all versions of Supervisor since 3.0a1 (released in 2007).

Fixed Versions
The latest release of Supervisor, version 3.3.3, fixes this vulnerability. The fix has also been backported to previous versions. The following fixed versions have been released:
The only change from the previous point releases is the fix for this vulnerability. All users are advised to upgrade.

Details
An XML-RPC method name takes the form
The XML-RPC namespace lookup in
The vulnerability is that the object registered to serve the
The vulnerability has been fixed by disabling nested namespace lookup entirely.
The exploits below have been provided so users can test if the version of

Exploit 1 (TCP Socket)
Create a config file
Start
In a new terminal:
If the

Exploit 2 (Unix Domain Socket)
Create a config file
Start
In a new terminal:
If the

Acknowledgement
This vulnerability was reported by Maor Shwartz, who requested this acknowledgement: "An independent security researcher, Calum Hutton, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program."

Hi,
I would like to report an Authenticated RCE vulnerability found in the latest supervisord build.
Please contact me at maors@beyondsecurity.com
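
The Details section above says the fix disables nested namespace lookup entirely. The following is an added example, not Supervisor's code and not part of the original report: a simplified model that contrasts a resolver that follows every dotted segment with one that accepts only a single namespace and method. The `demo` namespace, the classes and the function names are hypothetical, and the dotted `namespace.method` name form is an assumption of the model.

```python
# Added illustration; all names here are hypothetical, not Supervisor's.

class Helper:
    """Constructed internal object that was never meant to be remotely callable."""
    def dangerous(self):
        return "internal code reached"

class StatusAPI:
    """Constructed handler registered under the 'demo' namespace."""
    def __init__(self):
        self.helper = Helper()  # internal attribute, not part of the public API

    def getState(self):
        return "RUNNING"

HANDLERS = {"demo": StatusAPI()}

class MethodNotFound(Exception):
    pass

def resolve_nested(name, handlers=HANDLERS):
    """Model of nested lookup: follow every dotted segment with getattr()."""
    parts = name.split(".")
    obj = handlers.get(parts[0])
    for part in parts[1:]:
        if obj is None or part.startswith("_"):
            raise MethodNotFound(name)
        obj = getattr(obj, part, None)
    if not callable(obj):
        raise MethodNotFound(name)
    return obj

def resolve_flat(name, handlers=HANDLERS):
    """Model of the fix: exactly one namespace and one method, nothing deeper."""
    parts = name.split(".")
    if len(parts) != 2 or parts[1].startswith("_"):
        raise MethodNotFound(name)
    handler = handlers.get(parts[0])
    func = getattr(handler, parts[1], None) if handler is not None else None
    if not callable(func):
        raise MethodNotFound(name)
    return func

def is_rejected(resolver, name):
    """Return True when the resolver refuses the method name."""
    try:
        resolver(name)
        return False
    except MethodNotFound:
        return True
```

The nested resolver hands back `demo.helper.dangerous` because any attribute reachable from the registered object becomes a callable method; the flat resolver rejects the same name while still serving `demo.getState`.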