Several vulnerabilities were fixed in recent versions of Solr:
– directory traversal when using XSLT or Velocity templates (CVE-2013-6397 / SOLR-4882)
– XXE in UpdateRequestHandler (CVE-2013-6407 / SOLR-3895)
– XXE in DocumentAnalysisRequestHandler (CVE-2013-6408 / SOLR-4881)
These vulnerabilities were also confirmed to be exploitable on old versions like 3.6.2. Combining the directory traversal and XXE vulnerabilities makes it easy to gain remote code execution.
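
A defensive check for the directory traversal item above, as an added example that is not from the original post or from the Solr project: it scans access-log lines for template names that try to leave Solr's conf directory. The parameter names `tr` (XSLT response writer) and `v.template` (Velocity response writer) are Solr's request parameters and are not named in the post; the log lines are constructed.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Solr parameters that name a template file (assumption: the post does not name them).
TEMPLATE_PARAMS = {"tr", "v.template"}
REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def suspicious_template(value):
    """Return why a template name could escape the conf directory, or None."""
    for _ in range(3):  # peel repeated URL-encoding such as %252F
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    if "\x00" in value:
        return "NUL byte"
    norm = value.replace("\\", "/")
    if norm.startswith("/") or re.match(r"[A-Za-z]:", norm):
        return "absolute path"
    if ".." in norm.split("/"):
        return "parent-directory segment"
    return None

def scan(lines):
    """Return (line number, parameter, reason) for every suspicious request."""
    findings = []
    for number, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        query = urlsplit(match.group(1)).query
        for key, value in parse_qsl(query, keep_blank_values=True):
            reason = suspicious_template(value) if key in TEMPLATE_PARAMS else None
            if reason:
                findings.append((number, key, reason))
    return findings

# Constructed access-log lines (documentation IP range), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Dec/2013:10:00:01 +0000] "GET /solr/select?q=*:*&wt=xslt&tr=example.xsl HTTP/1.1" 200 512',
    '192.0.2.77 - - [01/Dec/2013:10:00:09 +0000] "GET /solr/select?q=*:*&wt=xslt&tr=..%2F..%2Fother%2Fx.xsl HTTP/1.1" 200 90',
    '192.0.2.77 - - [01/Dec/2013:10:00:12 +0000] "GET /solr/select?q=*:*&wt=velocity&v.template=%252Fabs%252Fpage HTTP/1.1" 500 0',
    '192.0.2.10 - - [01/Dec/2013:10:00:20 +0000] "GET /solr/select?q=tr&wt=json HTTP/1.1" 200 300',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```
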
If you wonder how these vulnerabilities could be exploited in real-life setups where Solr isn’t reachable directly from the Internet, you may be interested in the following blog post:

An exploit is available in the wild for Joomla! version 2.5.13 and earlier 2.5.x versions, and for version 3.1.4 and earlier 3.x versions.
The exploit allows an attacker to bypass file upload restrictions (so someone could, for example, upload a PHP file). Upgrading to version 2.5.14 or 3.1.5 is recommended.

The Ruby on Rails exploits mentioned on the blog in January are now being used publicly in the wild. While this exploit has been known, and surely used quite a bit, since then, it shows the importance of patching to keep your server from becoming the victim of an attack.

There is currently an extremely high-risk Java vulnerability out in the wild that can potentially cause havoc for a lot of users and systems. All an attacker has to do is get you to visit a site carrying the malicious code, which can then run an exploit kit on your system as the same user as the Java process, which means they’ll most likely be taking over your entire system.
This is relevant not only for sysadmins but for anyone connected to the internet. Any website you open could carry the code, and the attacker would then have access to your PC to install key loggers or whatever else they want, which could be used to breach not only your own PC but also your corporate network.
There is currently no fix for this issue, which is why it’s highly recommended to disable the Java plugin in your browsers. If you need to use Java applets, it’s suggested to use NoScript with Firefox, as you can then whitelist the sites you wish to use Java on and block it on the rest.
You can find more information here: