Home / exploits Apache Sling 2.1.0 Denial Of Service
Posted on 07 July 2012
CVE-2012-2138 : Apache Sling denial of service vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: org.apache.sling.servlets.post bundle up to 2.1.0 Description: The @CopyFrom operation of the Sling POST servlet allows for copying a parent node to one of its descendant nodes, creating an infinite loop that ultimately results in denial of service, once memory and/or storage resources are exhausted. Mitigation: Users should upgrade to version 2.1.2 of the org.apache.sling.servlets.post bundle [1], or apply the Sling patch of revision 1352865 [2]. Example: curl -u admin:pwd -d "" "http://localhost:8888/content/foo/?./%40CopyFrom=../" Credit: This issue was discovered by IO Active, working for Adobe. References: [1] http://sling.apache.org/site/downloads.cgi [2] http://svn.apache.org/viewvc?view=revision&revision=1352865 https://issues.apache.org/jira/browse/SLING-2517
