rbeckman-nextgen / test-mc2

0 stars 0 forks source link

Vulnerability: System Commands Are Executed as root #4305

Open rbeckman-nextgen opened 5 years ago

rbeckman-nextgen commented 5 years ago

JavaScript transformer with code like:

var cmd = ["bash","-c", msg]; var proc = java.lang.Runtime.getRuntime().exec(cmd); proc.waitFor(); var stdout = proc.getInputStream(); msg = org.apache.commons.io.IOUtils.toString(stdout); if (msg == null || msg.equals("")) { var stderr = proc.getErrorStream(); msg = org.apache.commons.io.IOUtils.toString(stderr); }

Is capable of executing any Linux command on the Mirth appliance with root privileges.

Imported Issue. Original Details: Jira Issue Key: MIRTH-4451 Reporter: aitougan Created: 2019-07-31T12:49:11.000-0700

rbeckman-nextgen commented 5 years ago

Why are you running the Mirth server as root? The java.lang.Runtime.getRuntime().exec(cmd) is going to run at the same privilege as the parent thread/fork. This is not a Mirth issue but a setup/configuration issue.

Imported Comment. Original Details: Author: michaelleehobbs Created: 2019-11-07T14:08:10.000-0800