zoukankan      html  css  js  c++  java
  • [我的CVE][CVE-2017-15709]Apache ActiveMQ Information Leak

    问题原因:

    Apache ActiveMQ默认消息队列61616端口对外,61616端口使用了OpenWire协议,这个端口会暴露服务器相关信息,这些相关信息实际上是debug信息。

    会返回应用名称,JVM,操作系统以及内核版本等信息。

    影响版本:

    apache-activemq-5.15.0 to apache-activemq-5.15.2
    apache-activemq-5.14.0 to apache-activemq-5.14.5
     
    漏洞修复:

    测试用例:

    修复前:

     @Test
    -    public void testClientProperties() throws Exception{
    -        BrokerService service = createBrokerService();
    -        try {
    -            ActiveMQConnectionFactory factory = new ActiveMQConnectionFactory(new URI(brokerUri));
    -            ActiveMQConnection conn = (ActiveMQConnection)factory.createConnection();
    -            final AtomicReference<WireFormatInfo> clientWf = new AtomicReference<WireFormatInfo>();
    -            conn.addTransportListener(new DefaultTransportListener() {
    -                @Override
    -                public void onCommand(Object command) {
    -                    if (command instanceof WireFormatInfo) {
    -                        clientWf.set((WireFormatInfo)command);
    -                    }
    -                }
    -            });
    -            conn.start();
    -            if (clientWf.get() == null) {
    -                fail("Wire format info is null");
    -            }
    -            assertTrue(clientWf.get().getProperties().containsKey("ProviderName"));
    -            assertTrue(clientWf.get().getProperties().containsKey("ProviderVersion"));
    -            assertTrue(clientWf.get().getProperties().containsKey("PlatformDetails"));
    -            assertTrue(clientWf.get().getProviderName().equals(ActiveMQConnectionMetaData.PROVIDER_NAME));
    -            assertTrue(clientWf.get().getPlatformDetails().equals(ActiveMQConnectionMetaData.PLATFORM_DETAILS));
    -        } finally {
    -            stopBroker(service);

     修复后:

    +    public void testClientPropertiesWithDefaultPlatformDetails() throws Exception{
    +        WireFormatInfo clientWf = testClientProperties(brokerUri);
    +        assertTrue(clientWf.getPlatformDetails().equals(ActiveMQConnectionMetaData.DEFAULT_PLATFORM_DETAILS));
    +    }
    +
    +    @Test
    +    public void testClientPropertiesWithPlatformDetails() throws Exception{
    +        WireFormatInfo clientWf = testClientProperties(brokerUri + "?wireFormat.includePlatformDetails=true");
    +        assertTrue(clientWf.getPlatformDetails().equals(ActiveMQConnectionMetaData.PLATFORM_DETAILS));
    +    }
    +
    +    private WireFormatInfo testClientProperties(String brokerUri) throws Exception {
    +        ActiveMQConnectionFactory factory = new ActiveMQConnectionFactory(new URI(brokerUri));
    +        ActiveMQConnection conn = (ActiveMQConnection)factory.createConnection();
    +        conn.start();
    +
    +        assertTrue(connector.getConnections().size() == 1);
    +        final WireFormatInfo clientWf = connector.getConnections().get(0).getRemoteWireFormatInfo();
    +        if (clientWf == null) {
    +            fail("Wire format info is null");
             }
    +
    +        //verify properties that the client sends to the broker
    +        assertTrue(clientWf.getProperties().containsKey("ProviderName"));
    +        assertTrue(clientWf.getProperties().containsKey("ProviderVersion"));
    +        assertTrue(clientWf.getProperties().containsKey("PlatformDetails"));
    +        assertTrue(clientWf.getProviderName().equals(ActiveMQConnectionMetaData.PROVIDER_NAME));
    +
    +        return clientWf;
         }

    修复版本:

    Apache Active MQ 5.14.6

    Apache Active MQ 5.15.3

    Apache Active MQ 5.16.0

    官方公布的草案:

    CVE-2017-15709 - Information Leak
    
    Severity: Low
    
    Vendor:
    The Apache Software Foundation
    
    Versions Affected:
    Apache ActiveMQ 5.14.0 - 5.15.2
    
    Description:
    
    When using the OpenWire protocol it was found that certain system details (such as the OS and kernel version) are exposed as plain text.
    
    Mitigation:
    
    Use a TLS enabled transport or upgrade to Apache ActiveMQ 5.14.6 or 5.15.3.  
    
    
    Credit:
    
    This issue was discovered by QingTeng cloud Security of Minded Security Researcher jianan.huang

    参考信息:

    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15709

    https://issues.apache.org/jira/browse/AMQ-6871

    http://activemq.apache.org/security-advisories.html

    http://activemq.apache.org/security-advisories.data/CVE-2017-15709-announcement.txt

  • 相关阅读:
    get请求中文乱码及get,post编码探究
    spring使用redis做缓存
    tomcat中session在两个webapp中实现共享
    JDK8 HashMap 源码解析
    Windows Apache服务器配置
    怎么使用IDEA
    面试中的Java链表
    设计模式解密(12)- 桥接模式
    Caused by: org.apache.catalina.LifecycleException: A child container failed during start
    设计模式解密(11)- 命令模式
  • 原文地址:https://www.cnblogs.com/sevck/p/7995209.html
Copyright © 2011-2022 走看看