Cov txheej txheem:

Apache Struts vulnerability yog dab tsi?
Apache Struts vulnerability yog dab tsi?

Video: Apache Struts vulnerability yog dab tsi?

Video: Apache Struts vulnerability yog dab tsi?
Video: Apache Struts Vulnerability - Cyber Security Minute 2024, Kaum ib hlis
Anonim

Ib qho yooj yim tau pom hauv Apache Struts, uas tuaj yeem tso cai rau tej thaj chaw deb code execution . Apache Struts yog qhov yooj yim rau qhov chaw taws teeb tswj kev ua txhaum cai (CVE-2018-11776). Tshwj xeeb, qhov teeb meem no tshwm sim thaum tuav cov txiaj ntsig tshwj xeeb uas tsis muaj npe, lossis URL tag yam tsis muaj nqi thiab kev nqis tes ua.

Hais txog qhov no, koj yuav kuaj xyuas seb Apache Struts tau teeb tsa li cas?

Hauv Windows system:

  1. Qhib cov ntaub ntawv explorer, tshawb rau struts *. thawv.
  2. Qhib struts-core. thawv nrog lub unzip cuab tam (xws li IZArc2Go)
  3. Qhib META-INF nplaub tshev thiab qhib MANIFEST. MF cov ntaub ntawv nrog cov ntawv nyeem.
  4. Nyob ntawd koj yuav pom Specification-Version: nrog tus lej version.

Kuj Paub, Struts yog dab tsi hauv Java? Struts yog ib qho qhib lub moj khaum uas txuas ntxiv rau Java Servlet API thiab ntiav tus qauv, Saib, Controller (MVC) architecture. Nws tso cai rau koj los tsim kom muaj kev ruaj ntseg, txuas ntxiv, thiab hloov pauv lub vev xaib raws li cov txheej txheem thev naus laus zis, xws li JSP nplooj ntawv, JavaBeans, cov peev txheej, thiab XML.

Ib yam li ntawd, Apache struts siv rau dab tsi?

Apache Struts yog qhov pub dawb, qhib qhov chaw, MVC lub moj khaum rau tsim kom muaj txiaj ntsig zoo, niaj hnub Java web applications. Nws nyiam cov rooj sib tham dhau los ntawm kev teeb tsa, txuas ntxiv siv lub plugin architecture, thiab nkoj nrog plugins los txhawb REST, AJAX thiab JSON.

Tshawb xyuas Apache Struts Linux li cas?

Qhov cuam tshuam Versions

  1. Nrhiav cov ntaub ntawv “struts-core.jar”. a. Cov ntaub ntawv tuaj yeem pom tau siv 'nrhiav' hais kom ua ntawm Linux lossis Windows Explorer nrhiav haujlwm ntawm Windows.
  2. Unzip cov ntaub ntawv struts-core.jar.
  3. Qhib META-INF nplaub tshev> MANIFEST. MF nrog cov ntawv nyeem.
  4. Apache Struts version yog qhia ntawm "Specification Version:" kab.

Pom zoo: