Signature Detail
Short Name |
HTTP:APACHE:SOLR-FILE-DISC |
|---|---|
Severity |
Medium |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Apache Solr SolrResourceLoader Arbitrary File Disclosure |
Release Date |
2014/01/07 |
Update Number |
2331 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Apache Solr SolrResourceLoader Arbitrary File Disclosure
This signature detects attempts to exploit a known vulnerability against Apache Solr SolrResourceLoader. A successful attack can lead to arbitrary file disclosure.
Extended Description
Directory traversal vulnerability in SolrResourceLoader in Apache Solr before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) or full pathname in the tr parameter to solr/select/, when the response writer (wt parameter) is set to XSLT. NOTE: this can be leveraged using a separate XXE (XML eXternal Entity) vulnerability to allow access to files across restricted network boundaries.
Affected Products
- apache solr 4.0.0 (alpha)
- apache solr 4.0.0 (beta)
- apache solr 4.1.0
- apache solr 4.2.0
- apache solr 4.2.1
- apache solr 4.3.0
- apache solr 4.3.1
- apache solr 4.4.0
- apache solr 4.5.0
- apache solr up to 4.5.1
References
- BugTraq: 63935
- CVE: CVE-2013-6397