Apache Ghostcat (CVE 2020-1938) Research Paper | Safe Security

Home Resources Security Research Apache Ghostcat CVE 2020-1938

The CVE 2020-1938 takes advantage of Tomcat’s AJP connector, which helps the attacker read sensitive information from web apps and even more critical action if file uploads are allowed on the web application.

Key Pointers:

Understanding Tomcat connectors
Ghostcat vulnerability was found in the Tomcat AJP connector allowing an attacker to read or include any files in Tomcat’s web app directories
This vulnerability affects all versions of Tomcat in the default configuration which means that it has been dormant in Tomcat for more than a decade and hence needed to be updated or configured to prevent any attack
Taking a look at how to mitigate this vulnerability
Understanding the working of the exploit using an attack demonstration on a virtual target

Brands that
trust our competence

Related Resources

heap based buffer overflow vulnerability research paper

Heap-Based Overflow Vulnerability in Sudo [CVE-2021-3156]Read More

ubuntu overlays privesc vulnerability

Ubuntu OverlayFS Local Privesc VulnerabilityRead More

heartbleed attack cybersecurity research paper

Heartbleed AttackRead More

linux firewall guide research paper

A Beginners Guide to Linux FirewallRead More

insecure deserialzation research paper

Introduction to Insecure DeserializationRead More

linux privilege escalation research paper

Understanding and Exploiting Zerologon Read More