Exploit code published for dangerous Apache Solr remote code execution flaw

Confusion still surrounds a security bug that the Apache Solr team patched over the summer, which turns out it’s actually much more dangerous than anyone thought.

Apache Solr is a Java-based open-source search engine, initially developed to add search functionality to the CNET website.

The project was donated to the Apache Software Foundation in 2006, from where it gained worldwide usage due to its speed and expanded feature-set.

Over the summer, a user named “jnyryan” reported to the Solr project that the default solr.in.sh configuration file that is included with all new Solr instances contained an insecure option.

The default config shipped with the ENABLE_REMOTE_JMX_OPTS option set to enabled, which, in turn, exposed port 8983 to remote connections.

At the time it was reported, the Apache Solr team didn’t see the issue as a big deal, and developers thought an attacker could only access (useless) Solr monitoring data, and nothing else.

Read more…
Source: ZDNet