The Hacker News Logo
Subscribe to Newsletter
CrowdSec

The Hacker News - Most Trusted Cyber Security and Computer Security Analysis: Tomcat

Java based Cross platform malware targeting Apache Tomcat servers in the wild

Java based Cross platform malware targeting Apache Tomcat servers in the wild

November 21, 2013Mohit Kumar
Takashi Katsuki, a researcher at Antivirus firm Symantec has discovered a new cyber attack ongoing in the wild, targeting an open-source Web server application server Apache Tomcat with a cross platform Java based backdoor that can be used to attack other machines. The malware, dubbed as " Java.Tomdep " differs from other server malware and is not written in the PHP scripting language. It is basically a Java based backdoor act as Java Servlet that gives Apache Tomcat platforms malicious capabilities. Because Java is a cross platform language, the affected platforms include Linux, Mac OS X, Solaris, and most supported versions of Windows. The malware was detected less than a month ago and so far the number of infected machines appears to be low. You may think that this type of attack only targets personal computers, such as desktops and laptops, but unfortunately that isn't true. Servers can also be attacked. They are quite valuable targets, since they are usu
Apache Tomcat Multiple Critical Vulnerabilities

Apache Tomcat Multiple Critical Vulnerabilities

December 05, 2012Mohit Kumar
Some critical vulnerabilities have been reported in Apache Tomcat, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service) attack. These vulnerabilities affect Apache Tomcat 6.x and Apache Tomcat 7.x . Apache Tomcat vulnerabilities CVE-2012-4534 Apache Tomcat denial of service CVE-2012-3546 Apache Tomcat Bypass of security constraints CVE-2012-4431 Apache Tomcat Bypass of CSRF prevention filter According to CVE-2012-4431 , The CSRF prevention filter could be bypassed if a request was made to a protected resource without a session identifier present in the request. CVE-2012-4534, DOS includes vulnerabilities ranging from excessive resource consumption (e.g. causing a system to use a lot of memory) to crashing an application or an entire system. Whereas, CVE-2012-3546 - where malicious users or people can bypass certain security mechanisms of the application. The actual impact varies signif
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.