From announce-return-4537-archive-asf-public=cust-asf.ponee.io@apache.org  Wed Apr 25 20:25:44 2018
Return-Path: <announce-return-4537-archive-asf-public=cust-asf.ponee.io@apache.org>
X-Original-To: archive-asf-public@cust-asf.ponee.io
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by mx-eu-01.ponee.io (Postfix) with SMTP id D3400180676
	for <archive-asf-public@cust-asf.ponee.io>; Wed, 25 Apr 2018 20:25:43 +0200 (CEST)
Received: (qmail 84644 invoked by uid 500); 25 Apr 2018 18:25:30 -0000
Mailing-List: contact announce-help@apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:announce-help@apache.org>
List-Unsubscribe: <mailto:announce-unsubscribe@apache.org>
List-Post: <mailto:announce@apache.org>
List-Id: <announce.apache.org>
Delivered-To: mailing list announce@apache.org
Delivered-To: moderator for announce@apache.org
Received: (qmail 29778 invoked by uid 99); 25 Apr 2018 17:06:55 -0000
X-Gm-Message-State: ALQs6tB2xXHfEIfMbOQGoJInGJLZO/56ipyHVGuzV5MsTsTjuCc2uOlV
	3tFaE9CRLF0JGNyMOC8KTLA35O110N547eO6B6I=
X-Google-Smtp-Source: AIpwx49chp3xOSPZ8aUDYRm+r3nzsVCDd3tBeYrTx4P+JLCpElgiWkuGq9Qjhn9w3KO8fv/WbYjsPQDpNuIDmoIA20I=
X-Received: by 2002:a0d:c901:: with SMTP id l1-v6mr15791691ywd.416.1524676014154;
 Wed, 25 Apr 2018 10:06:54 -0700 (PDT)
MIME-Version: 1.0
From: Tim Allison <tallison@apache.org>
Date: Wed, 25 Apr 2018 13:06:53 -0400
X-Gmail-Original-Message-ID: <CAC1dCwVhrPRyFJMS5BbY02+495CUODrAzndqZkvKacJnXUSm+w@mail.gmail.com>
Message-ID: <CAC1dCwVhrPRyFJMS5BbY02+495CUODrAzndqZkvKacJnXUSm+w@mail.gmail.com>
Subject: =?UTF-8?Q?=5BCVE=2D2018=2D1335=5D_Command_Injection_Vulnerability_in_A?=
	=?UTF-8?Q?pache_Tika=E2=80=99s_tika=2Dserver_module?=
To: announce@apache.org, dev@tika.apache.org, user@tika.apache.org, 
	oss-security@lists.openwall.com
Content-Type: multipart/alternative; boundary="00000000000038ad79056aaf4cad"

--00000000000038ad79056aaf4cad
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

CVE-2018-1335 =E2=80=93 Command Injection Vulnerability in Apache Tika=E2=
=80=99s tika-server
module


Severity: High



Vendor: The Apache Software Foundation



Versions Affected: <1.18



Description: Before Tika 1.18, clients could send carefully crafted

headers to tika-server that could be used to inject commands into the

command line of the server running tika-server.  This vulnerability

only affects those running tika-server on a server that is open to

 untrusted clients.



Mitigation: Ensure that untrusted users don't have access to

tika-server and/or upgrade to Apache Tika >=3D1.18.



Credit: Tim Allison, a member of the Apache Tika team, discovered this.

--00000000000038ad79056aaf4cad
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">


















<p class=3D"gmail-MsoPlainText" style=3D"margin:0in 0in 0.0001pt;font-size:=
11pt;font-family:Calibri,sans-serif">CVE-2018-1335 =E2=80=93 Command Inject=
ion Vulnerability in Apache
Tika=E2=80=99s=C2=A0<span style=3D"font-size:11pt">tika-server module</span=
></p><p class=3D"gmail-MsoPlainText" style=3D"margin:0in 0in 0.0001pt;font-=
size:11pt;font-family:Calibri,sans-serif"><span></span></p>

<p class=3D"gmail-MsoPlainText" style=3D"margin:0in 0in 0.0001pt;font-size:=
11pt;font-family:Calibri,sans-serif"><br></p>

<p class=3D"gmail-MsoPlainText" style=3D"margin:0in 0in 0.0001pt;font-size:=
11pt;font-family:Calibri,sans-serif">Severity: High<span></span></p>

<p class=3D"gmail-MsoPlainText" style=3D"margin:0in 0in 0.0001pt;font-size:=
11pt;font-family:Calibri,sans-serif"><span>=C2=A0</span></p>

<p class=3D"gmail-MsoPlainText" style=3D"margin:0in 0in 0.0001pt;font-size:=
11pt;font-family:Calibri,sans-serif">Vendor: The Apache Software Foundation=
<span></span></p>

<p class=3D"gmail-MsoPlainText" style=3D"margin:0in 0in 0.0001pt;font-size:=
11pt;font-family:Calibri,sans-serif"><span>=C2=A0</span></p>

<p class=3D"gmail-MsoPlainText" style=3D"margin:0in 0in 0.0001pt;font-size:=
11pt;font-family:Calibri,sans-serif">Versions Affected: &lt;1.18<span></spa=
n></p>

<p class=3D"gmail-MsoPlainText" style=3D"margin:0in 0in 0.0001pt;font-size:=
11pt;font-family:Calibri,sans-serif"><span>=C2=A0</span></p>

<p class=3D"gmail-MsoPlainText" style=3D"margin:0in 0in 0.0001pt;font-size:=
11pt;font-family:Calibri,sans-serif">Description: Before Tika 1.18, clients=
 could send
carefully crafted <span></span></p>

<p class=3D"gmail-MsoPlainText" style=3D"margin:0in 0in 0.0001pt;font-size:=
11pt;font-family:Calibri,sans-serif">headers to tika-server that could be u=
sed to inject
commands into the <span></span></p>

<p class=3D"gmail-MsoPlainText" style=3D"margin:0in 0in 0.0001pt;font-size:=
11pt;font-family:Calibri,sans-serif">command line of the server running tik=
a-server.<span>=C2=A0 </span>This vulnerability <span></span></p>

<p class=3D"gmail-MsoPlainText" style=3D"margin:0in 0in 0.0001pt;font-size:=
11pt;font-family:Calibri,sans-serif">only affects those running tika-server=
 on a server
that is open to</p><p class=3D"gmail-MsoPlainText" style=3D"margin:0in 0in =
0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"><span style=3D"font=
-size:11pt">=C2=A0untrusted clients.</span></p><p class=3D"gmail-MsoPlainTe=
xt" style=3D"margin:0in 0in 0.0001pt;font-size:11pt;font-family:Calibri,san=
s-serif"><span></span></p>

<p class=3D"gmail-MsoPlainText" style=3D"margin:0in 0in 0.0001pt;font-size:=
11pt;font-family:Calibri,sans-serif"><span>=C2=A0</span></p>

<p class=3D"gmail-MsoPlainText" style=3D"margin:0in 0in 0.0001pt;font-size:=
11pt;font-family:Calibri,sans-serif">Mitigation: Ensure that untrusted user=
s don&#39;t have
access to <span></span></p>

<p class=3D"gmail-MsoPlainText" style=3D"margin:0in 0in 0.0001pt;font-size:=
11pt;font-family:Calibri,sans-serif">tika-server and/or upgrade to Apache T=
ika &gt;=3D1.18.<span></span></p>

<p class=3D"gmail-MsoPlainText" style=3D"margin:0in 0in 0.0001pt;font-size:=
11pt;font-family:Calibri,sans-serif"><span>=C2=A0</span></p>

<p class=3D"gmail-MsoPlainText" style=3D"margin:0in 0in 0.0001pt;font-size:=
11pt;font-family:Calibri,sans-serif">Credit: Tim Allison, a member of the A=
pache Tika
team, discovered this.<span></span></p>





<br></div>

--00000000000038ad79056aaf4cad--