Varanoid.com

SB15-110: Vulnerability Summary for the Week of April 13, 2015

Original release date: April 20, 2015

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT).

Reminder: Secure Your Tomcat Admin Interface, (Mon, Apr 20th)

In our web application honeypots, we continue to see scans for /manager/html. While our honeypot doesn't (yet) fully simulate this Tomcat administrative interface, these scans are usually used to find unprotected Tomcat manager URLs.

Windows NT 6.1)
Host: [host ip redacted]:8080
Cache-Control: no-cache

Today's top sources of these scans are:

222.186.21.117 (by far the largest source)
88.33.217.26
69.39.4.234
176.31.16.108
218.83.5.174
150.70.97.0/24
150.70.173.0/24 (maybe just block 150.70.0.0/16?)
121.8.241.145

OWASP has a brief guide on securing Tomcat: https://www.owasp.org/index.php/Securing_tomcat

See the Securing Manager WebApp for details on protecting your management interface.
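To produce the same kind of source list from your own Tomcat or reverse-proxy access logs, the following added example (not code from the original post) counts /manager/html requests per source and per enclosing network, and flags sources that got an answer other than 404. It assumes combined log format; the names manager_probes, summarize and SAMPLE_LOG are hypothetical, and the log lines are constructed.

```python
import ipaddress
import re
from collections import Counter

# Constructed combined-log-format lines; addresses are documentation ranges,
# not the sources listed in the post.
SAMPLE_LOG = """\
192.0.2.10 - - [20/Apr/2015:06:01:12 +0000] "GET /manager/html HTTP/1.1" 404 1024 "-" "Mozilla/5.0 (Windows NT 6.1)"
192.0.2.10 - - [20/Apr/2015:06:01:13 +0000] "GET /manager/html HTTP/1.1" 404 1024 "-" "Mozilla/5.0 (Windows NT 6.1)"
192.0.2.77 - - [20/Apr/2015:06:02:40 +0000] "GET /manager/html/ HTTP/1.1" 401 2550 "-" "-"
198.51.100.5 - - [20/Apr/2015:06:03:02 +0000] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.23 - - [20/Apr/2015:06:05:19 +0000] "GET /Manager/HTML?x=1 HTTP/1.1" 404 1024 "-" "-"
203.0.113.9 - - [20/Apr/2015:06:07:45 +0000] "POST /manager/html/upload HTTP/1.1" 401 2550 "-" "-"
not a log line
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3}) ')
PROBE_RE = re.compile(r'^/manager/html(?:[/?;]|$)', re.IGNORECASE)

def manager_probes(log_text):
    """Yield (source_ip, status) for each request aimed at /manager/html."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not in the expected format
        src, _method, path, status = m.groups()
        try:
            ip = ipaddress.ip_address(src)
        except ValueError:
            continue  # client field is a hostname or garbage
        if PROBE_RE.match(path):
            yield ip, int(status)

def summarize(log_text, prefix=24):
    """Count probes per source IP and per enclosing IPv4 network of `prefix` bits."""
    by_ip, by_net, reached = Counter(), Counter(), set()
    for ip, status in manager_probes(log_text):
        by_ip[str(ip)] += 1
        if ip.version == 4:
            by_net[str(ipaddress.ip_network(f"{ip}/{prefix}", strict=False))] += 1
        if status != 404:
            reached.add(str(ip))  # something other than "not found" came back
    return by_ip, by_net, reached

if __name__ == "__main__":
    by_ip, by_net, reached = summarize(SAMPLE_LOG)
    for net, n in by_net.most_common():
        print(f"{net:<18} {n} probe(s)")
    print("non-404 answers to:", sorted(reached))
```

A non-empty third result means the manager path answered outside sources with something other than 404 (here a 401 login prompt), which is the exposure the post's reminder is about. Calling summarize with prefix=16 shows whether several /24 entries collapse into one wider range before you decide on a block.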