CVSS | 5 |
---|---|
DESCRIPTION | When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that may be surprising. In Apache Tomcat 9.0.0.M1 to 9.0.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99, Tomcat shipped with an AJP Connector enabled by default that listened on all configured IP addresses. It was expected (and recommended in the security guide) that this Connector would be disabled if not required. This vulnerability report identified a mechanism that allowed: - returning arbitrary files from anywhere in the web application - processing any file in the web application as a JSP Further, if the web application allowed file upload and stored those files within the web application (or the attacker was able to control the content of the web application by some other means) then this, along with the ability to process a file as a JSP, made remote code execution possible. It is important to note that mitigation is only required if an AJP port is accessible to untrusted users. Users wishing to take a defence-in-depth approach and block the vector that permits returning arbitrary files and execution as JSP may upgrade to Apache Tomcat 9.0.31, 8.5.51 or 7.0.100 or later. A number of changes were made to the default AJP Connector configuration in 9.0.31 to harden the default configuration. It is likely that users upgrading to 9.0.31, 8.5.51 or 7.0.100 or later will need to make small changes to their configurations. |
HEAT SCORE | 2050 |
DATE | TWEETS | USER |
---|---|---|
2022-04-29 17:00:23 | New post from https://t.co/uXvPWJy6tj (CVE-2020-1938 (agile_engineering_data_management, agile_plm, communications_… https://t.co/52OcwHzUmT http://www.sesin.at https://twitter.com/i/web/status/1520084362032787461 | WolfgangSesin |
2022-04-29 17:00:21 | New post from https://t.co/9KYxtdZjkl (CVE-2020-1938 (agile_engineering_data_management, agile_plm, communications_… https://t.co/A91bIZEirc http://www.sesin.at https://twitter.com/i/web/status/1520084363542773760 | www_sesin_at |
2022-04-29 16:11:43 | Tomcat - CVE-2020-1938: https://t.co/wm91ahr4Bv https://lists.apache.org/thread.html/r7c6f492fbd39af34a68681dbbba0468490ff1a97a1bd79c6a53610ef%40%3Cannounce.tomcat.apache.org%3E | LinInfoSec |
2022-01-28 18:43:49 | CVE-2020-1938:Tomcat AJP协议文件包含漏洞分析 https://t.co/fifpDlA2GH https://t.co/3ONiQQTnQw https://ift.tt/3o3Bjoc https://ift.tt/3AEKXmr | buaqbot |
2022-01-28 17:31:39 | 如何更加精确的检测Tomcat AJP文件包含漏洞(CVE-2020-1938) https://t.co/cSFV6LuzSh https://t.co/caIPBguNlN https://ift.tt/3Hi8XOQ https://ift.tt/34gr6hl | buaqbot |
2022-01-21 13:01:46 | IT Risk: Philips製Vue PACS(医療画像管理システム)製品における複数の脆弱性 -2/3 https://t.co/2AO2niQ3yU CVE-2020-1938 CVE-2018-12326、CVE-201… https://t.co/YzAFx6VCCo https://www.cisa.gov/uscert/ics/advisories/icsma-21-187-01 https://twitter.com/i/web/status/1484506426991329285 | management_sun |
2021-09-14 15:15:17 | tomghost - Lots of fun this room. :) https://t.co/7Yone0AOnh #tryhackme #tomcat #zip #pgp #CVE-2020-1938 #weekly c… https://t.co/YeaicG2VzY https://tryhackme.com/room/tomghost https://twitter.com/i/web/status/1437793497067753472 | Fl0wD4rk |
2021-07-20 07:10:27 | (CVE-2020-1938, CVE-2018-12326, CVE-2018-11218, CVE-2020-4670 y CVE-2018-8014) recibieron una puntuación base de Co… https://t.co/CP7bTMGyPT https://twitter.com/i/web/status/1417379945660231714 | epicbounties |
2021-07-19 07:40:04 | CVE-2020-1938 When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to… https://t.co/eAJhLdy9n5 https://twitter.com/i/web/status/1417025597507883012 | VulmonFeeds |
2021-07-12 13:30:05 | #CybersecurityNews Multiple Vulnerabilities in Philips Clinical Collaboration Platform Portal (CVE-2020-1938) https://t.co/kaCcWarZou https://sensorstechforum.com/philips-clinical-collaboration-platform-vulnerabilities-cve-2020-1938/ | Milenyim |
2021-05-15 01:20:06 | Hunting and Exploiting the Apache Ghostcat https://t.co/gOpjgXzj6D Ghostcat脆弱性(CVE-2020-1938)の修正方法 https://t.co/VZwG4upE7e https://apkash8.medium.com/hunting-and-exploiting-apache-ghostcat-b7446ef83e74 https://www.synopsys.com/blogs/software-security/ja-jp/ghostcat-vulnerability-cve-2020-1938/ | jukubird |
2021-03-15 22:50:18 | Ghostcat file read | CVE-2020-1938 PoC https://t.co/Dpmzf2Ko2i #Hack https://t.co/NwBfmunK8X https://ift.tt/3cvJKSG | VideosHacking |
2021-02-05 23:30:08 | CVE-2020-1938 (GhostCat): Detectada en febrero de 2020, esta vulnerabilidad ocasiona que Apache Tomcat conceda un a… https://t.co/Mk4H2xuA8J https://twitter.com/i/web/status/1357833290976288768 | grevelo1 |
2021-01-25 05:40:05 | -Citrix社ネットワーク製品の脆弱性を狙ったコード実行の試み -Apache Tomcatの脆弱性(CVE-2020-1938)を狙った攻撃について | ohhara_shiojiri |
2021-01-21 18:30:11 | #Malware Alert! Bitfrost #trojan associated with CVE-2020-1938 #Apache JServ Protocol #vulnerability in… https://t.co/bO8su4WylB https://twitter.com/i/web/status/1352322011440115718 | threatwatchinc |
2020-12-10 00:40:10 | [ #Tistory ][SPRING BOOT] AJP CONNECTOR CVE-2020-1938 (2.2.5.RELEASE) https://t.co/TylqABCPP9 https://vitalholic.tistory.com/374 | vitalholic |
2020-11-22 13:10:06 | Ghostcat Local File read vulnerability : CVE-2020-1938 https://t.co/meGMsVZ2bO #infosec https://youtu.be/3TGIg1x4XwU | RapidSafeguard |
2020-10-31 07:00:07 | @Bugcrowd Clearly Ghostcat: CVE-2020-1938 | johnjhacking |
2020-10-29 15:50:15 | Get #expertanalysis on #CVE-2020-1938 #Ghostcat - #Apache #Tomcat AJP File Read/Inclusion #Vulnerability… https://t.co/97LD4SK8fD https://twitter.com/i/web/status/1321840664645148673 | virsecsystems |
2020-10-02 06:10:04 | @PentesterLab I can't see CVE-2020-1938 on the website. Is it there on the site? Thnx. | DarkSecOps1 |
2020-08-27 15:10:03 | TryHackMe Tomghost Walkthrough || CVE-2020-1938 POC || https://t.co/NU7nNQ0guq via @YouTube https://youtu.be/XPjNB8isomY | a_chacker |
2020-08-12 15:30:04 | Active exploitation of #Ghostcat #CVE-2020-1938 https://t.co/nRTWliACP2 | y3tehgod |
2020-08-12 09:10:25 | Active exploitation of #Ghostcat #CVE-2020-1938 #vulnerability has been spotted by our service. There are still mo… https://t.co/gGVtZzijP3 https://twitter.com/i/web/status/1293472793942618112 | onyphe |
2020-07-28 11:20:02 | New post: (CVE-2020-1938)Apache Tomcat远程代码执行漏洞复现 https://t.co/I4Nnl2P6hy远程代码执行漏洞复现/ https://reportcybercrime.com/cve-2020-1938apache-tomcat | digitpol_cyber |
2020-07-23 22:50:08 | 🚨 NEW: CVE-2020-1938 🚨 When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connec… https://t.co/iun77wHldH https://twitter.com/i/web/status/1286431505439367173 | threatintelctr |
2020-07-16 15:00:04 | 3 vulnerabilities in MySQL Enterprise Monitor CVE-2020-1967, CVE-2020-5398, CVE-2020-1938 #Zanket #CVE #vulnerability #MySQL #CyberSecurity | Zanket_com |
2020-06-28 12:40:04 | 🚨 NEW: CVE-2020-1938 🚨 When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connec… https://t.co/uMokas0Fdu https://twitter.com/i/web/status/1277219175744671745 | threatintelctr |
2020-06-26 08:40:08 | 🚨 NEW: CVE-2020-1938 🚨 When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connec… https://t.co/1bxnvYAvwM https://twitter.com/i/web/status/1276434002417717253 | threatintelctr |
2020-06-26 01:50:13 | Security Bulletin: Vulnerability in Apache Tomcat affects IBM Spectrum Protect Plus (CVE-2020-1938) https://t.co/hBArNiDeud http://ow.ly/X4sr30qTqzE | L2clrogers |
2020-06-26 00:40:07 | 🚨 NEW: CVE-2020-1938 🚨 When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connec… https://t.co/c10rsw4UYe https://twitter.com/i/web/status/1276313207410319360 | threatintelctr |
2020-06-25 14:10:14 | tsunami動かして見ました。 プラグイン充実するの楽しみだなー! tomcatのCVE-2020-1938とか、Weblogicのやつとか割と簡単に作れそうだけどどうなんだろう Google Tsunami 動かしてみた -… https://t.co/8CNIvaTNx8 https://twitter.com/i/web/status/1276154129887514624 | STUSecInfo |
2020-06-13 03:00:02 | New post: Security Bulletin: Vulnerability in Apache Tomcat affects IBM Spectrum Protect Plus (CVE-2020-1938) https://t.co/RpzKN9Crnm https://reportcybercrime.com/security-bulletin-vulnerability-in-apache-tomcat-affects-ibm-spectrum-protect-plus-cve-2020-1938/ | digitpol_cyber |
2020-06-13 02:00:04 | Security Bulletin: Vulnerability in Apache Tomcat affects IBM Spectrum Protect Plus (CVE-2020-1938)… https://t.co/H0gC9mIA0I https://twitter.com/i/web/status/1271622214610272258 | SymDataSec |
2020-05-28 21:10:05 | 🚨 NEW: CVE-2020-1938 🚨 When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connec… https://t.co/EQ4qisRLY9 https://twitter.com/i/web/status/1266113494396669963 | threatintelctr |
2020-05-28 20:40:10 | 🚨 NEW: CVE-2020-1938 🚨 When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connec… https://t.co/K6HvDzdgl7 https://twitter.com/i/web/status/1266105947165876224 | threatintelctr |
2020-05-05 18:40:09 | ぎゃー tomcat9.0.34 に上げたら mod_proxy_ajp が(?)動かなくなったー AJP でなければつながるし、tomcat9.0.29 あたりに戻すと AJP でも動くようになる… CVE-2020-1938 絡みかなぁ めんどいから明日以降調べるか | kysjp |
2020-05-04 15:30:04 | Herding Cats: How to Mitigate GhostCat Vulnerability (CVE-2020-1938) https://t.co/ONPBkZgZge @KempTech with the adv… https://t.co/7mIapmE5rk https://tubb.co/3dnSVEc https://twitter.com/i/web/status/1257330145729417218 | tubblog |
2020-04-30 09:50:04 | 【Apache Tomcatの脆弱性「Ghostcat」を検証】 Apache Tomcatに確認された「Ghostcat(ゴーストキャット)」の脆弱性(CVE-2020-1938)が議論を引き起こしています。当社では、最も懸念さ… https://t.co/oA0PvFkQij https://twitter.com/i/web/status/1255794373897318401 | trendmicro_jp |
2020-04-29 12:40:03 | Apache Tomcatの脆弱性「Ghostcat」(「CVE-2020-1938」、「CNVD-2020-10487」)を検証 - https://t.co/T4VCtZ0fuY https://go.shr.lc/3bIVWxV | nekochanSec555 |
2020-04-29 10:30:03 | Apache Tomcatの脆弱性「Ghostcat」(「CVE-2020-1938」、「CNVD-2020-10487」) https://t.co/3jiWImGcpw https://t.co/emaiMZQjSP http://izumino.jp/Security/sec_trend.cgi?ref=tw&ref_date=2020-04-29%2019%3A20 https://blog.trendmicro.co.jp/archives/24748 | sec_trend |
2020-04-28 21:30:03 | “Apache Tomcatの脆弱性「Ghostcat」(「CVE-2020-1938」、「CNVD-2020-10487」)を検証 | トレンドマイクロ セキュリティブログ” https://t.co/W4rOTlQRay https://htn.to/3UeCR3F5P8 | takehikom |
2020-04-28 14:50:03 | Apache Tomcatの脆弱性「Ghostcat」(「CVE-2020-1938」、「CNVD-2020-10487」)を検証 https://t.co/0S1lgTjniS https://blog.trendmicro.co.jp/archives/24748 | halu834 |
2020-04-28 14:10:04 | “Apache Tomcat の脆弱性(CVE-2020-1938)を標的としたアクセスの観測等について | 警察庁 @police” https://t.co/xkFsHMw7Mq https://htn.to/4gc6vfoWhH | karkwind |
2020-04-28 11:10:05 | New labs are live covering Introduction to Zeek Logs, Jinja2 Exploitation, CVE-2020-1938 (GhostCat). Log in to begi… https://t.co/EfDFjAEMkj https://twitter.com/i/web/status/1255089631701413889 | immersivelabsuk |
2020-04-28 01:20:03 | Apache Tomcatの脆弱性「Ghostcat」(「CVE-2020-1938」、「CNVD-2020-10487」)を検証 https://t.co/dGPMTjVgop https://blog.trendmicro.co.jp/archives/24748 | 1403Wavy |
2020-04-28 01:10:04 | Apache Tomcatの脆弱性「Ghostcat」(「CVE-2020-1938」、「CNVD-2020-10487」)を検証 | トレンドマイクロ セキュリティブログ https://t.co/88zsCNfJrH https://blog.trendmicro.co.jp/archives/24748 | yuuyuyu_ka |
2020-04-28 01:10:03 | Apache Tomcatの脆弱性「Ghostcat」(「CVE-2020-1938」、「CNVD-2020-10487」)を検証 | トレンドマイクロ セキュリティブログ https://t.co/KJKvdYgfdD https://blog.trendmicro.co.jp/archives/24748 | it_hatebu |
2020-04-27 23:50:03 | これは影響がある会社はそれなりにいそうだ... / Apache Tomcatの脆弱性「Ghostcat」(「CVE-2020-1938」、「CNVD-2020-10487」)を検証 | トレンドマイクロ セキュリティブログ - https://t.co/hJumMASPx1 https://go.shr.lc/3bIVWxV | soudai1025 |
2020-04-27 23:40:04 | “Apache Tomcatの脆弱性「Ghostcat」(「CVE-2020-1938」、「CNVD-2020-10487」)を検証 | トレンドマイクロ セキュリティブログ” https://t.co/dkXn7DRMKh https://htn.to/frSMkCRYo8 | karkwind |
2020-04-27 22:40:06 | Apache Tomcatの脆弱性「Ghostcat」(「CVE-2020-1938」、「CNVD-2020-10487」)を検証 - https://t.co/N1lmAAr58n https://blog.trendmicro.co.jp/archives/24748 | ka0com |
2020-04-27 16:00:03 | 確かに、現実的にはまともにコレを悪用するのは難しそう。。(逆に突かれるようなサーバは相当やばい) Apache Tomcatの脆弱性「Ghostcat」(「CVE-2020-1938」、「CNVD-2020-10487」)を検証… https://t.co/uTvQMupPZt https://twitter.com/i/web/status/1254801634485366790 | securityflower |
2020-04-27 13:30:04 | Apache Tomcatの脆弱性「Ghostcat」(「CVE-2020-1938」、「CNVD-2020-10487」)を検証 https://t.co/oLODpSVK9M https://blog.trendmicro.co.jp/archives/24748 | 01ra66it |
2020-04-27 13:10:04 | Apache Tomcatの脆弱性「Ghostcat」(「CVE-2020-1938」、「CNVD-2020-10487」)を検証 | トレンドマイクロ セキュリティブログ https://t.co/KwesKcqMdo https://blog.trendmicro.co.jp/archives/24748 | ohhara_shiojiri |
2020-04-27 12:30:03 | “Apache Tomcatの脆弱性「Ghostcat」(「CVE-2020-1938」、「CNVD-2020-10487」)を検証 | トレンドマイクロ セキュリティブログ” (1 user) https://t.co/2R8rrnm0ta https://htn.to/2WGq7WvG1e | matsuu_zatsu |
2020-04-27 11:30:04 | Apache Tomcatの脆弱性「Ghostcat」の検証 ・CVE-2020-1938、CNVD-2020-10487 ・Ghostcat自体は、ローカルファイルインクルードの脆弱性 ・リモートコード実行も可能だが要件が揃う… https://t.co/aQpybmbWeN https://twitter.com/i/web/status/1254734234494709760 | moneymog |
2020-04-27 11:30:03 | 勉強になりました Apache Tomcatの脆弱性「Ghostcat」(「CVE-2020-1938」、「CNVD-2020-10487」)を検証 | トレンドマイクロ セキュリティブログ https://t.co/Z7qEvDxxnp https://blog.trendmicro.co.jp/archives/24748 | fiscsec |
2020-04-27 10:20:03 | Apache Tomcatの脆弱性「Ghostcat」(「CVE-2020-1938」、「CNVD-2020-10487」)を検証 | トレンドマイクロ セキュリティブログ - https://t.co/4TKGiylJNA https://go.shr.lc/3bIVWxV | spread_jp |
2020-04-27 09:30:04 | Apache Tomcatの脆弱性「Ghostcat」(「CVE-2020-1938」、「CNVD-2020-10487」)を検証 https://t.co/0hjln71Sa9 https://blog.trendmicro.co.jp/archives/24748 | Panda_Lv0 |
2020-04-27 09:20:03 | Apache Tomcatの脆弱性「Ghostcat」(「CVE-2020-1938」、「CNVD-2020-10487」)を検証 https://t.co/y5iBYOyZxo #TrendMicro https://ift.tt/3eQrDqW | G3fu1 |
2020-04-27 09:20:03 | Apache Tomcatの脆弱性「Ghostcat」(「CVE-2020-1938」、「CNVD-2020-10487」)を検証 - トレンドマイクロ セキュリティブログ [https://t.co/yiTGLkDDCo] https://t.co/TeW6hOQBKN http://securenews.appsight.net/entries/11258 https://blog.trendmicro.co.jp/archives/24748 | securenews_web |
2020-04-26 15:40:03 | tomghost - I have just completed this room! nice challenge #tryhackme #tomcat #zip #pgp #CVE-2020-1938 #weekly challenge via @realtryhackme | abdelmouhsine1 |
2020-04-23 05:00:04 | [月次配信] Tomcat-AJP脆弱性分析及び対応方法:Ghostcat(CVE-2020-1938) https://t.co/FUUvsHFBiU #Qiita https://qiita.com/CyberFortress/items/c66412cb0c56c5c382bc | motikan2010 |
2020-04-18 15:00:05 | CVE-2020-1938: Ghostcat vulnerability https://t.co/dGfQb7KM0u https://t.co/GQ3u3iHAdB https://www.reddit.com/r/netsec/comments/fayn37/cve20201938_ghostcat_vulnerability/?utm_source=dlvr.it&utm_medium=twitter | techadversary |
2020-04-16 17:50:03 | TeamT5 uncover a BiFrost backdoor attack which exploited GhostCat (CVE-2020-1938). The campaign targeted a Taiwanes… https://t.co/93AtiAUGcJ https://twitter.com/i/web/status/1250843833883144192 | BushidoToken |
2020-04-15 07:50:10 | La vulnérabilité #Ghostcat CVE-2020-1938 est une faille qui vise les serveurs web Apache Tomcat publiée sur NVD le… https://t.co/JbfiWK2vBf https://twitter.com/i/web/status/1250329095767863299 | Digitemis |
2020-04-07 12:50:02 | tomghost - I have just completed this room! Check it out: https://t.co/EKbqtueavc #CVE-2020-1938 challenge via… https://t.co/Sarjrv5RuN https://tryhackme.com/room/tomghost https://twitter.com/i/web/status/1247506230311968768 | infosec_boy |
2020-04-07 07:00:04 | What is the Ghostcat vulnerability (CVE-2020-1938)? - Security Boulevard https://t.co/HNwfNtUU6L https://thedevtalk.com/article/id/ef9d60a3a216d28c96d10ee0b96cb729 | dorelidan |
2020-04-06 06:10:02 | AJP File Read/Inclusion in Apache Tomcat (CVE-2020-1938) and Undertow (CVE-2020-1745) https://t.co/tdB4lge5bq いつもお世話になりまする https://access.redhat.com/solutions/4851251 | mopoki2696 |
2020-04-06 00:10:03 | easy-to-use exploit scripts Add CVE-2020-1938, CVE-2020-2551 https://t.co/cmMPQY470A #hacking #github #darkweb #infosec #cybercrime https://github.com/zhzyker/exphub | HackLordNinja |
2020-04-04 16:20:03 | easy-to-use exploit scripts Add CVE-2020-1938, CVE-2020-2551 https://t.co/cmMPQY470A #404DAY #infosec #hacking #github #hacklordninja https://github.com/zhzyker/exphub | HackLordNinja |
2020-04-03 04:10:12 | 「Apache Tomcat の脆弱性(CVE-2020-1938)を標的としたアクセスの観測等について」を公開しました。 https://t.co/8nPWULw1i8 https://www.npa.go.jp/newlyarrived/index.html | NPA_KOHO |
2020-04-03 03:40:05 | What is the Ghostcat vulnerability (CVE-2020-1938)? https://t.co/qsdnNP8R8C Ghostcat (CVE-2020-1938) is an Apache T… https://t.co/MFX4OeLiMS https://securityboulevard.com/2020/04/what-is-the-ghostcat-vulnerability-cve-2020-1938/ https://twitter.com/i/web/status/1245916936036384768 | AppRayOfficial |
2020-04-02 14:10:05 | Ghostcat (CVE-2020-1938) is an Apache Tomcat vulnerability that allows remote code execution in some circumstances.… https://t.co/orgtp3U2Gm https://twitter.com/i/web/status/1245712931041374208 | ffarooqb |
2020-04-02 13:30:04 | The #Ghostcat #vulnerability (CVE-2020-1938) affects the #AJP connector of all #Tomcat versions of the last ten yea… https://t.co/TViaPKlm9w https://twitter.com/i/web/status/1245702816062148609 | ClaudioKuenzler |
2020-03-31 10:40:02 | CVE-2020-1938には気をつけよう!! | F4llX99 |
2020-03-31 10:10:03 | #CVE-2020-1938 on #Apache #Tomcat is out for weeks, but @nvidia @NVIDIAVirt is letting down its commercial customer… https://t.co/7hqH95N2ih https://twitter.com/i/web/status/1244929683180969987 | he1ix |
2020-03-30 18:32:17 | Challenge Time! GhostCat :: exploit CVE-2020-1938. Challenge yourself & identify a recent vulnerabilities to try e… https://t.co/lCBqnfW3Lz https://twitter.com/i/web/status/1244691057427783688 | RealTryHackMe |
2020-03-30 05:10:05 | [PDF]Apache Tomcat の脆弱性(CVE-2020-1938)を標的としたアク セスの観測等について | 警察庁https://t.co/ADyoBfy5fR http://www.npa.go.jp/cyberpolice/detect/pdf/20200325.pdf | yuuyuyu_ka |
2020-03-30 04:10:03 | Apache Tomcat の脆弱性(CVE-2020-1938)を標的としたアクセスの観測等について - 警察庁 https://t.co/yzs5iJq70d http://www.npa.go.jp/cyberpolice/detect/pdf/20200325.pdf | spread_jp |
2020-03-29 14:50:03 | Busting Ghostcat: An Analysis of the #Apache #Tomcat_Vulnerability (CVE-2020-1938 and CNVD-2020-10487) https://t.co/sChSQIXQcE http://ow.ly/wVUP50yMpIV | omvapt |
2020-03-29 13:50:03 | 【Apache Tomcat の脆弱性(CVE-2020-1938)を標的としたアクセスの観測等について】 ・CVE-2020-1938 →、遠隔から攻撃者により情報の窃取や、任意のコードを実行されるなどの可能性 ・9530/TC… https://t.co/Cy6atdZc3r https://twitter.com/i/web/status/1244259728105959424 | HAL_CSIRT |
2020-03-28 07:15:01 | CVE-2020-1938: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (CNVD-2020-10487) https://t.co/3OLzAr5E39 http://ow.ly/blVO102dlmN | viky111 |
2020-03-28 03:50:03 | #CVE-2020-1938 宛先ポート8009/TCP https://t.co/Rh0X81kzNF https://headlines.yahoo.co.jp/hl?a=20200327-00000003-scan-sci | myatabe1 |
2020-03-27 19:10:03 | The newly discovered vulnerability “CVE-2020-1938” (aka “Ghostcat”) is being leveraged to target vulnerable Apache… https://t.co/jZMPSMvhDV https://twitter.com/i/web/status/1243614511820681218 | Anomali |
2020-03-27 13:50:04 | Apache Tomcat Exploit Poised to Pounce, Stealing Files: Researchers said that a working exploit for CVE-2020-1938… https://t.co/tZ8QWHepPF https://twitter.com/i/web/status/1243534556181004290 | Octopi_MS |
2020-03-27 05:00:03 | Apache Tomcat の脆弱性(CVE-2020-1938)を標的としたアクセスの観測等について https://t.co/qLuArDkoph https://t.co/Ii2qEFPjXJ https://www.npa.go.jp/cyberpolice/important/2020/202003251.html https://www.npa.go.jp/cyberpolice/detect/pdf/20200325.pdf | saichokippu |
2020-03-27 02:30:03 | ᓚᘏᗢ Apache Tomcat の脆弱性(CVE-2020-1938)を標的としたアクセスの観測および宛先ポート 9530/TCP に対する Mirai ボットの特徴を有するアクセスの増加。 (警察庁)Apache Tomc… https://t.co/gd4EgeGgdF https://twitter.com/i/web/status/1243364548670820357 | mach48mach |
2020-03-26 23:40:02 | Apache Tomcat の脆弱性(CVE-2020-1938)を標的としたアクセスの観測等について - 警察庁 https://t.co/XHNGhZob2A http://www.npa.go.jp/cyberpolice/important/2020/202003251.html | spread_jp |
2020-03-26 04:00:05 | Apache Tomcat の脆弱性(CVE-2020-1938)を標的としたアクセスの観測等について https://t.co/jEMOQlWwns http://www.npa.go.jp/cyberpolice/detect/pdf/20200325.pdf | HASH1da1 |
2020-03-26 02:00:03 | Apache Tomcat の脆弱性(CVE-2020-1938)を標的としたアク セスの観測等について | 警察庁 https://t.co/D1YscywAIq http://www.npa.go.jp/cyberpolice/important/2020/202003251.html | muupapa |
2020-03-26 01:50:04 | Apache Tomcat の脆弱性(CVE-2020-1938)を標的としたアク セスの観測等について - 警察庁 https://t.co/NCtjaL8WTr http://www.npa.go.jp/cyberpolice/important/2020/202003251.html | Sec2017 |
2020-03-26 01:50:04 | Apache Tomcat の脆弱性(CVE-2020-1938)を標的としたアクセスの観測等について 警察庁 2020年3月25日 https://t.co/pZzUW39Td1 http://www.npa.go.jp/cyberpolice/important/2020/202003251.html | piyokango |
2020-03-26 00:50:04 | CVE-2020-1938は時間があるときにでも検証してみよう | nekochanSec555 |
2020-03-26 00:40:03 | Apache Tomcat の脆弱性(CVE-2020-1938)を標的としたアク セスの観測等について https://t.co/xuJKYujRMU ・Apache Tomcat の脆弱性(CVE-2020-1938)を標的… https://t.co/d35YX9FuFH https://www.npa.go.jp/cyberpolice/important/2020/202003251.html https://twitter.com/i/web/status/1242974097773973506 | nekochanSec555 |
2020-03-25 12:30:03 | Researchers said that a working #exploit for #CVE-2020-1938 leaked on GitHub makes is a snap to compromise… https://t.co/CduhbXyQvY https://twitter.com/i/web/status/1242788723785334786 | EChavarro |
2020-03-25 12:10:02 | Apache Tomcat の脆弱性(CVE-2020-1938)を標的としたアク セスの観測等について - https://t.co/6gOsLV77Mw https://www.npa.go.jp/cyberpolice/important/2020/202003251.html | ka0com |
2020-03-25 09:10:22 | Apache Tomcat の脆弱性(CVE-2020-1938)を標的としたアク セスの観測等について https://t.co/loqR8dj5PN https://www.npa.go.jp/cyberpolice/important/2020/202003251.html | police_bot_ |
2020-03-25 09:00:05 | CVE-2020-1938: #Apache JServ Protocol (AJP) / #Tomcat #vulnerability "If such connections are available to an atta… https://t.co/iwgVF2QEB4 https://twitter.com/i/web/status/1242735823239380992 | HonkHase |
2020-03-25 07:30:04 | Apache Tomcat の脆弱性(CVE-2020-1938)を標的としたアク セスの観測等について 2020年3月25日 | 警察庁 @police https://t.co/bzhzUI7eIb https://t.co/V43qMA6oO5 https://www.npa.go.jp/cyberpolice/important/2020/202003251.html | fj_twt |
2020-03-25 07:30:02 | Apache Tomcat の脆弱性(CVE-2020-1938)を標的としたアク セスの観測等について https://t.co/T4gOMbQ2Pu https://www.npa.go.jp/cyberpolice/important/2020/202003251.html | test_user_css |
2020-03-25 05:20:02 | How long will it take to patch this #Apache Tomcat bug? #CVE-2020-1938 makes it easy to compromise webservers, but… https://t.co/DwpFACjm9o https://twitter.com/i/web/status/1242681388416942081 | waratek |
2020-03-24 23:10:05 | Researchers said that a working exploit for CVE-2020-1938 leaked on GitHub makes is a snap to compromise webservers… https://t.co/7K1XPoF8Yj https://twitter.com/i/web/status/1242587535492202497 | InfoSecHotSpot |
2020-03-24 20:10:06 | Researchers said that a working exploit for CVE-2020-1938 leaked on GitHub makes is a snap to compromise webservers. https://t.co/iWK1bX2Zxr http://ow.ly/7ARl50yU9AJ | Stealthcare_ |
2020-03-24 12:00:03 | Apache Tomcat Exploit Poised to Pounce, Stealing Files Researchers said that a working exploit for CVE-2020-1938 le… https://t.co/zUkTpv2dHf https://twitter.com/i/web/status/1242419496377364481 | phenomlab |
2020-03-24 11:50:03 | Apache Tomcat Exploit Poised to Pounce, Stealing Files Researchers said that a working exploit for CVE-2020-1938 le… https://t.co/o9lxmqcCAz https://twitter.com/i/web/status/1242416953186291714 | CyberNewsOutlet |
2020-03-24 10:50:03 | Apache Tomcat Exploit Poised to Pounce, Stealing Files Researchers said that a working exploit for CVE-2020-1938 le… https://t.co/sHiouhVa6Q https://twitter.com/i/web/status/1242400847667113985 | phenomlab |
2020-03-24 04:40:02 | Apache Tomcat Exploit Poised to Pounce, Stealing Files Researhers said that a working exploit for CVE-2020-1938 le… https://t.co/cBAUWpUHiF https://twitter.com/i/web/status/1242310160283914247 | D3cryp_Tor |
2020-03-23 23:50:05 | Apache Tomcat Exploit Poised to Pounce, Stealing Files Researchers said that a working exploit for CVE-2020-1938 le… https://t.co/E0LyRHkqP4 https://twitter.com/i/web/status/1242235772226490377 | CyberNewsOutlet |
2020-03-23 22:20:03 | Researchers said that a working exploit for CVE-2020-1938 leaked on GitHub makes is a snap to compromise webservers… https://t.co/q2Pl2tPORU https://twitter.com/i/web/status/1242212779152506881 | InfoSecHotSpot |
2020-03-23 22:10:03 | fuuuu CVE-2020-8552 and CVE-2020-1938 | imacbot1 |
2020-03-23 22:00:03 | Apache Tomcat Exploit Poised to Pounce, Stealing Files: Researchers said that a working exploit for CVE-2020-1938 l… https://t.co/lS8l7NjBiv https://twitter.com/i/web/status/1242207379833245696 | intelhub2020 |
2020-03-23 21:10:03 | Apache Tomcat Exploit Poised to Pounce, Stealing Files: Researchers said that a working exploit for CVE-2020-1938 l… https://t.co/yujQM15vcm https://twitter.com/i/web/status/1242195437022351360 | cipherstorm |
2020-03-23 21:10:03 | Apache Tomcat Exploit Poised to Pounce, Stealing Files: Researchers said that a working exploit for CVE-2020-1938 l… https://t.co/wUPMQC2sIw https://twitter.com/i/web/status/1242195427354537984 | shah_sheikh |
2020-03-23 14:40:03 | “Fix available for new @Apache #Tomcat Vulnerability #Ghostcat (CVE-2020-1938)” https://t.co/J8Fwgp7BQr https://t.co/4xjaNnP6Rq https://buff.ly/2QwQm9o | Fusion_Reactor |
2020-03-21 19:40:03 | پست جدید مموریلیکز راجع به تحلیل آسیبپذیری CVE-2020-1938 (آسیبپذیری Tomcat که اخیرا کشف شده) https://t.co/tefMIOsRxr https://memoryleaks.ir/analysis-of-ghostcat-cve-2020-1938/ | voorivex |
2020-03-19 09:10:03 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487) https://t.co/ZaHNY3fXiO https://blog.trendmicro.com/trendlabs-security-intelligence/busting-ghostcat-an-analysis-of-the-apache-tomcat-vulnerability-cve-2020-1938-and-cnvd-2020-10487/ | NytroRST |
2020-03-18 20:40:03 | GHOST CAT (CVE-2020-1938) 対応で Apache <-> tomcat を繋ぐ AJP connection のシークレットキー設定を実施するも.... 忘れた頃に必要になり落とし穴のあるこの設定苦手。A… https://t.co/A10fSLPqRX https://twitter.com/i/web/status/1240376888381468672 | ippo_n |
2020-03-18 19:40:03 | Herding Cats: How to Mitigate GhostCat Vulnerability (CVE-2020-1938) https://t.co/OwvmVN5oT3 via @kemptech https://kemptechnologies.com/blog/how-to-mitigate-ghostcat-vulnerability/ | jaysdover |
2020-03-18 18:30:03 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487) - https://t.co/2hYm3c5WYC http://fuhs.eu/1c54 | Hfuhs |
2020-03-18 13:10:04 | Ghostcat CVE-2020-1938 can allow unauthenticated attackers remote access to your web server, yet another reason why… https://t.co/jMw46VGuxu https://twitter.com/i/web/status/1240261729898168323 | AviraInsights |
2020-03-18 13:00:04 | Nexus Intelligence Insights: What's in a Ghostcat? CVE-2020-1938 Apache Tomcat - Local File Inclusion Potentially L… https://t.co/TLTeFQJ035 https://twitter.com/i/web/status/1240259266860089345 | JGarz86 |
2020-03-17 18:50:05 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487) https://t.co/aUrxPNMW8E http://j.mp/2xJjdAH | PatrickCMiller |
2020-03-17 10:20:03 | Nexus Intelligence Insights: What's in a Ghostcat? CVE-2020-1938 Apache Tomcat - Local File Inclusion Potentially L… https://t.co/lKbNhqDJIQ https://twitter.com/i/web/status/1239857212454866944 | akeles_cs |
2020-03-13 18:10:04 | Can you answer this? Is Tomcat vulnerable to "Ghostcat" (CVE-2020-1938) via mod_proxy_ajp? https://t.co/BCVreRuHoS #tomcat https://security.stackexchange.com/q/227105?atw=1 | StackSecurity |
2020-03-13 15:10:04 | There is a new #vulnerablity CVE-2020-1938 on AJP protocol which also affects XSA runtime (incl. #HANA cockpit) run… https://t.co/6ZcZU7sE2j https://twitter.com/i/web/status/1238480603953213440 | JensGleichmann |
2020-03-13 13:10:07 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487) (Mar 10) https://t.co/Ig61qZ5gwp https://buff.ly/3cM4XqP | AndyMicone |
2020-03-12 19:40:09 | @SwiftOnSecurity We don't monitor but we do log. That way when 'new' (say, CVE-2020-1938) comes the team can quick… https://t.co/oSTSpcwUze https://twitter.com/i/web/status/1238185867874676736 | ajcaruso |
2020-03-12 09:20:09 | Fix available for new Apache Tomcat #Vulnerability Ghostcat (CVE-2020-1938). The servers are vulnerable to a“ Ghost… https://t.co/54x2XVWTSZ https://twitter.com/i/web/status/1238031498919514112 | advantioglobal |
2020-03-12 07:40:14 | Busting #Ghostcat: An Analysis of the Apache #Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487)… https://t.co/9Q7t8YRZRJ https://twitter.com/i/web/status/1238004303400493056 | reach2ratan |
2020-03-12 02:20:04 | Busting #Ghostcat: An #Analysis of the @TheASF #Tomcat #Vulnerability (CVE-2020-1938 and CNVD-2020-10487) https://t.co/nTO8jQ8TWq https://buff.ly/2IzBUcj | beuchelt |
2020-03-12 00:30:03 | Mitigation of CVE-2020-1938 https://t.co/R4Cymi6kKR https://t.co/DRrfMzPhsX https://askubuntu.com/questions/1216472/mitigation-of-cve-2020-1938 | askubuntumemes |
2020-03-12 00:20:08 | Apache Tomcatにおける情報漏えいの脆弱性(CVE-2020-1938)についての検証レポート/NTTデータ先端技術 https://t.co/fidg6CKFqp http://www.intellilink.co.jp/article/vulner/200309.html | nekochanSec555 |
2020-03-11 22:30:04 | https://t.co/skOjpSkkm9 Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487) http://tinyurl.com/w8ogoou | prpnews |
2020-03-11 16:50:08 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487) https://t.co/coEYUatPVp https://blog.trendmicro.com/trendlabs-security-intelligence/busting-ghostcat-an-analysis-of-the-apache-tomcat-vulnerability-cve-2020-1938-and-cnvd-2020-10487/ | Anastasis_King |
2020-03-11 16:30:12 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487) - TrendLabs Se… https://t.co/EyeM5VMoJk https://twitter.com/i/web/status/1237775797341036545 | pcastagnaro |
2020-03-11 13:31:06 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487) - https://t.co/reLayqw8vS https://blog.trendmicro.com/trendlabs-security-intelligence/busting-ghostcat-an-analysis-of-the-apache-tomcat-vulnerability-cve-2020-1938-and-cnvd-2020-10487/ | rik_ferguson |
2020-03-11 13:10:52 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487) -… https://t.co/wY9mK2WpHa https://twitter.com/i/web/status/1237726198840647680 | Gate_15_Analyst |
2020-03-11 11:50:24 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487) https://t.co/6oTFI4hL2Q https://blog.trendmicro.com/trendlabs-security-intelligence/busting-ghostcat-an-analysis-of-the-apache-tomcat-vulnerability-cve-2020-1938-and-cnvd-2020-10487/ | Cyber_O51NT |
2020-03-11 11:30:09 | [TrendMicro] Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487) https://t.co/Ey6BG1xSgJ https://blog.trendmicro.com/trendlabs-security-intelligence/busting-ghostcat-an-analysis-of-the-apache-tomcat-vulnerability-cve-2020-1938-and-cnvd-2020-10487/ | davidkoepi |
2020-03-11 07:40:05 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487) https://t.co/Dxo0SMA5YP #cybersecurity https://ift.tt/39DJJJD | NaveedHamid |
2020-03-11 07:20:12 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487) https://t.co/1SqSiPHzbH https://blog.trendmicro.com/trendlabs-security-intelligence/busting-ghostcat-an-analysis-of-the-apache-tomcat-vulnerability-cve-2020-1938-and-cnvd-2020-10487/ | intx0x80 |
2020-03-11 07:00:08 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487): https://t.co/H2DUv7o2si https://blog.trendmicro.com/trendlabs-security-intelligence/busting-ghostcat-an-analysis-of-the-apache-tomcat-vulnerability-cve-2020-1938-and-cnvd-2020-10487/ | Mandy0x01 |
2020-03-11 05:00:07 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487)… https://t.co/tB7FnEIFyE https://twitter.com/i/web/status/1237602897786851333 | ptracesecurity |
2020-03-11 02:20:09 | I just posted "Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487)… https://t.co/VG0z9mqxq7 https://twitter.com/i/web/status/1237561698715758598 | cyberg0100 |
2020-03-11 00:20:07 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487) - TrendLabs Se… https://t.co/SYgUwm4dU8 https://twitter.com/i/web/status/1237533148142915584 | yuuyuyu_ka |
2020-03-11 00:00:04 | 脆弱性検証レポートの新着記事「Apache Tomcatにおける情報漏えいの脆弱性(CVE-2020-1938)についての検証レポート」を掲載しました/NTTデータ先端技術 https://t.co/RT1Z4cNDj8 http://www.intellilink.co.jp/all/column-tps/20200309/column.html | spread_jp |
2020-03-10 23:10:26 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487) -… https://t.co/wK9qCx2Dkj https://twitter.com/i/web/status/1237514210390622208 | RedPacketSec |
2020-03-10 23:10:03 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487) - https://t.co/W0tyCH3mdm https://blog.trendmicro.com/trendlabs-security-intelligence/busting-ghostcat-an-analysis-of-the-apache-tomcat-vulnerability-cve-2020-1938-and-cnvd-2020-10487/ | moton |
2020-03-10 22:20:13 | Detect Apache Tomcat AJP File Inclusion Vulnerability (CVE-2020-1938) using Qualys WAS https://t.co/vEisySfrC5 https://blog.qualys.com/technology/2020/03/10/detect-apache-tomcat-ajp-file-inclusion-vulnerability-cve-2020-1938-using-qualys-was | qualys |
2020-03-10 22:20:12 | Detect Apache Tomcat AJP File Inclusion Vulnerability (CVE-2020-1938) using Qualys WAS: As previously reported, a s… https://t.co/zYJX4pvbBQ https://twitter.com/i/web/status/1237501878335729665 | shah_sheikh |
2020-03-10 18:50:18 | Trend Labs Security Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-1… https://t.co/VQ0eBAsccB https://twitter.com/i/web/status/1237448520031846400 | jrimer2008 |
2020-03-10 17:50:14 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487)… https://t.co/h3A7CvkTIf https://twitter.com/i/web/status/1237433564586823680 | modernnetsec |
2020-03-10 16:30:51 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487) #security https://t.co/9MgS99NBfd https://blog.trendmicro.com/trendlabs-security-intelligence/busting-ghostcat-an-analysis-of-the-apache-tomcat-vulnerability-cve-2020-1938-and-cnvd-2020-10487/ | IKARUSANTIVIRUS |
2020-03-10 16:00:04 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487)… https://t.co/JluIVVyhz4 https://twitter.com/i/web/status/1237406239522521090 | MaltrakN |
2020-03-10 15:50:20 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487) https://t.co/v8pSIONVFN https://blog.trendmicro.com/trendlabs-security-intelligence/busting-ghostcat-an-analysis-of-the-apache-tomcat-vulnerability-cve-2020-1938-and-cnvd-2020-10487/ | Dinosn |
2020-03-10 15:20:05 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487) https://t.co/e7u7u4u4Tg #virus #feedly https://blog.trendmicro.com/trendlabs-security-intelligence/busting-ghostcat-an-analysis-of-the-apache-tomcat-vulnerability-cve-2020-1938-and-cnvd-2020-10487/ | Mozbe |
2020-03-10 15:10:06 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487) https://t.co/NPYviIuLRh https://blog.trendmicro.com/trendlabs-security-intelligence/busting-ghostcat-an-analysis-of-the-apache-tomcat-vulnerability-cve-2020-1938-and-cnvd-2020-10487/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Anti-MalwareBlog+%28Trendlabs+Security+Intelligence+Blog%29 | cybsecbot |
2020-03-10 15:10:04 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487) - TrendLabs Se… https://t.co/vPNVgbXIh0 https://twitter.com/i/web/status/1237395068589244419 | SecRecon |
2020-03-10 14:40:11 | TrendLabs | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487) https://t.co/R7sp9WzFbC https://bit.ly/2wNXvuA | StopMalvertisin |
2020-03-10 14:40:10 | Busting Ghostcat: An Analysis of the #Apache Tomcat #Vulnerability (CVE-2020-1938 and CNVD-2020-10487) https://t.co/eCUusXNUdI #TrendMicro http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/56_rbN_PxbM/ | SecurityNewsbot |
2020-03-10 14:40:04 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487… https://t.co/3e5zYLmTAE #infosec https://goo.gl/fb/dJjazv | IT_securitynews |
2020-03-10 14:30:07 | Busting #Ghostcat: An Analysis of the #Apache #Tomcat #Vulnerability (CVE-2020-1938 and CNVD-2020-10487)… https://t.co/txNmx52VSQ https://twitter.com/i/web/status/1237382961856684033 | tribal_sec |
2020-03-10 14:30:06 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487) https://t.co/IaX9qDcosA (TrendLabs) http://dlvr.it/RRcD4d | ITDataSecurity |
2020-03-10 14:30:06 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487)… https://t.co/NWUuDmfeRr https://twitter.com/i/web/status/1237383000784089088 | terabit7 |
2020-03-10 14:30:04 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487)… https://t.co/lZI4HlDFYK https://twitter.com/i/web/status/1237384090388549633 | mrvallejo |
2020-03-10 14:30:03 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487) - TrendLabs Se… https://t.co/6AlbrNBUZc https://twitter.com/i/web/status/1237384901407563782 | ohhara_shiojiri |
2020-03-10 14:20:04 | Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487)… https://t.co/eTuqiGZDwH https://twitter.com/i/web/status/1237382207875895298 | CyberIntelFeed |
2020-03-10 14:10:03 | New post: Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and https://t.co/5pyEgHdKTR @TrendMicroRSRCH http://bit.ly/39L04fW | TrendMicroRSRCH |
2020-03-10 07:40:02 | Nexus Intelligence Insights: What's in a Ghostcat? CVE-2020-1938 Apache Tomcat - Local File Inclusion Potentially L… https://t.co/yfPWOqmWKp https://twitter.com/i/web/status/1237279823409676288 | cloudgeario |
2020-03-10 00:00:06 | Nexus Intelligence Insights: What's in a Ghostcat? CVE-2020-1938 Apache Tomcat - Local File Inclusion Potentially L… https://t.co/42MyFzWdw7 https://twitter.com/i/web/status/1237164288046817280 | moton |
2020-03-09 21:50:03 | Apache Tomcatにおける情報漏えいの脆弱性(CVE-2020-1938)についての検証レポート | NTTデータ先端技術株式会社 https://t.co/jYq2nuNWj6 http://www.intellilink.co.jp/article/vulner/200309.html | freude710 |
2020-03-09 20:40:09 | Hackers Scanning for Apache Tomcat Servers Vulnerable to CVE-2020-1938 and dubbed Ghostcat. #SecOps https://t.co/x2cTbIawmG https://lnkd.in/gCMTaXv | _BrandonCarter |
2020-03-09 19:50:03 | 注意喚起: Apache Tomcat の脆弱性 (CVE-2020-1938) に関する注意喚起 (更新) https://t.co/QsS9KivzAx #infosec #cybersecurity… https://t.co/LTlCXFkfrs https://www.jpcert.or.jp/at/2020/at200009.html https://twitter.com/i/web/status/1237102179409747968 | falitroke |
2020-03-09 18:30:03 | Ghostcat - CVE-2020-1938 - Apache Tomcat AJP Connector File read, write (if upload is permitted) and execute JSP f… https://t.co/dMXzj0r9cv https://twitter.com/i/web/status/1237083155728867330 | morpheuslaw |
2020-03-09 18:20:04 | An interesting news about "Nexus Intelligence Insights: What’s in a Ghostcat? CVE-2020-1938 Apache Tomcat – Local… https://t.co/WWnEb5N4Cl https://twitter.com/i/web/status/1237079990669361160 | _Wr0ngName_ |
2020-03-09 16:40:08 | Nexus Intelligence Insights: What’s in a Ghostcat? CVE-2020-1938 Apache Tomcat – Local File Inclusion Potentially L… https://t.co/BBPJSvDrpx https://twitter.com/i/web/status/1237053102613827584 | InfoSecUSA |
2020-03-09 15:50:03 | Nexus Intelligence Insights: What’s in a Ghostcat? CVE-2020-1938 Apache Tomcat – Local File Inclusion Potentially L… https://t.co/7ZdIKZL7wx https://twitter.com/i/web/status/1237042465498152963 | cybsecbot |
2020-03-09 15:10:05 | Nexus Intelligence Insights: What’s in a Ghostcat? CVE-2020-1938 Apache Tomcat – Local File Inclusion Potentially L… https://t.co/6sF9DO7L8a https://twitter.com/i/web/status/1237031791329808385 | cipherstorm |
2020-03-09 14:20:03 | REMINDER: Fix for CVE-2020-1938 #Ghostcat #Vulnerability #Tomcat on #Datafari Community Edition. Hi all, in case yo… https://t.co/LLLY8aTZlm https://twitter.com/i/web/status/1237019145457328137 | francelabs |
2020-03-09 05:50:03 | 최근 Apache Tomcat 취약점(CVE-2020-1938)에 대한 보안 업데이트가 발표되었습니다. (출처 : Mavercik.. | https://t.co/YvWppfeXza 블로그) https://t.co/fCKyKFuxO4 https://hsunryou.blog.me/221844948845 http://me2.do/G3aRF3kY | hsunryou |
2020-03-09 05:20:04 | Apache Tomcatにおける情報漏えいの脆弱性(CVE-2020-1938)についての検証レポート/NTTデータ先端技術 https://t.co/rlwv7EGOLR http://www.intellilink.co.jp/article/vulner/200309.html | test_user_css |
2020-03-09 05:20:03 | Apache Tomcatにおける情報漏えいの脆弱性(CVE-2020-1938)についての検証レポート/NTTデータ先端技術 https://t.co/JTOXFJHt9w http://www.intellilink.co.jp/article/vulner/200309.html | ka0com |
2020-03-09 05:10:03 | 脆弱性検証レポートの新着記事「Apache Tomcatにおける情報漏えいの脆弱性(CVE-2020-1938)についての検証レポート」を掲載しました/NTTデータ先端技術 https://t.co/OybeQ3U7NM http://www.intellilink.co.jp/all/column-tps/20200309/column.html | intellilink_pr |
2020-03-09 01:30:04 | Apache Tomcatの複数の脆弱性情報(High: CVE-2020-1938: Ghostcat, Low: CVE-2020-1935, CVE-2019-17569)と新バージョン(9.0.31/8.5.51/7.0.… https://t.co/33GzTa2aBo https://twitter.com/i/web/status/1236824682705219585 | test_user_css |
2020-03-08 19:10:03 | Looking to better understand how to detect and patch the #tomcat vulnerability Ghost Cat (CVE-2020-1938)? Check o… https://t.co/C2lHYbdi7j https://twitter.com/i/web/status/1236728741839192064 | NotesTutor |
2020-03-08 12:50:03 | [JP] Increased access to 8009 / tcp which seems to have targeted Apache Tomcat vulnerability (CVE-2020-1938)… https://t.co/wkdpI1qUMH https://twitter.com/i/web/status/1236635160247857152 | blueteamsec1 |
2020-03-08 12:00:04 | [JP] Increased access to 8009 / tcp which seems to have targeted Apache Tomcat vulnerability (CVE-2020-1938) https://t.co/eBUQklirGe https://ift.tt/2vykrxI | n0ipr0cs |
2020-03-08 00:30:03 | Apache Tomcatの脆弱性(CVE-2020-1938)を狙ったと思われる8009/tcpへのアクセス増加 – wizSafe Security Signal -安心・安全への道標- IIJ https://t.co/dj2Vc1wuSq https://wizsafe.iij.ad.jp/2020/03/929/ | hiroki_takakura |
2020-03-07 13:00:04 | It looks like AT&T uses Tomcat 8.5.43, so they're possibly vulnerable to CVE-2020-1938. #infosec #bugbounty #ghostcat | hexagr |
2020-03-06 17:02:49 | Via @qualys: Automatically Discover, Prioritize, Remediate #Apache #Tomcat AJP File Inclusion #Vuln (CVE-2020-1938… https://t.co/sl6OBBPxEU https://twitter.com/i/web/status/1235972278761840641 | JoeFranscella |
2020-03-06 14:30:04 | Automatically Discover, Prioritize and Remediate Apache Tomcat AJP File Inclusion Vulnerability (CVE-2020-1938) usi… https://t.co/Z2pxePTz6Y https://twitter.com/i/web/status/1235934471897182211 | SMasergy |
2020-03-06 14:10:03 | Automatically Discover, Prioritize and Remediate Apache Tomcat AJP File Inclusion Vulnerability (CVE-2020-1938) usi… https://t.co/zRfaZfKosN https://twitter.com/i/web/status/1235929124243456000 | qualys |
2020-03-06 10:40:05 | Working with our partner @PwC_France allowed us to quickly write a check for #Ghostcat #CVE20201938 #CVE-2020-1938… https://t.co/zU2GE9xJym https://twitter.com/i/web/status/1235876007636328449 | onyphe |
2020-03-06 07:40:04 | We acted quickly. Updated release because of #Tomcat's vulnerability CVE-2020-1938. #BusinessBotPlatform R2020 FP20… https://t.co/IHp7CdXiDi https://twitter.com/i/web/status/1235830492399669249 | citunius |
2020-03-06 06:30:05 | Ghostcat (CVE-2020-1938)にパッチを当ててますか?: 前日、IPA なども注意喚起を行なっていた Tomcat の脆弱性*1が、意外と影響が大き... https://t.co/5m09U0cww7 https://blog.cles.jp/item/11581?utm_source=rss?utm_source=SocialDog | hsur |
2020-03-06 05:30:02 | tomcat CVE-2020-1938 検証 - Nick Security Log https://t.co/EUcwMC8Ir9 https://t.co/ehrRPzlAC6 http://dlvr.it/RRLWWP | nichii_a |
2020-03-06 03:40:04 | GitHub Trending Archive, 04 Mar 2020, Python. xindongzhuaizhuai/CVE-2020-1938, puzzlelib/PuzzleLib, nibiwodong/CNVD… https://t.co/E1QnHF4iwe https://twitter.com/i/web/status/1235769595040063490 | motakasoft |
2020-03-06 01:50:03 | Automatically Discover, Prioritize and Remediate Apache Tomcat AJP File Inclusion Vulnerability (CVE-2020-1938) usi… https://t.co/uz79gvdYek https://twitter.com/i/web/status/1235744284319588353 | security_inside |
2020-03-06 01:40:03 | Automatically Discover, Prioritize and Remediate Apache Tomcat AJP File Inclusion Vulnerability (CVE-2020-1938) usi… https://t.co/bQcdQohh7h https://twitter.com/i/web/status/1235740523802972161 | cipherstorm |
2020-03-06 01:20:03 | Automatically Discover, Prioritize and Remediate Apache Tomcat AJP File Inclusion Vulnerability (CVE-2020-1938) usi… https://t.co/p5L0V322eV https://twitter.com/i/web/status/1235735238933766144 | shah_sheikh |
2020-03-05 23:50:02 | Ghostcat検証したよ tomcat CVE-2020-1938 検証 - Nick Security Log https://t.co/1QR877Dbjr https://www.nicksecuritylog.com/entry/tomcat_CVE-2020-1938 | STUSecInfo |
2020-03-05 21:20:05 | CVE-2020-1938: Ghostcat aka Tomcat 9/8/7/6 in the default configuration (port 8009) leading to disclosure of config… https://t.co/fMyaAXQhjF https://twitter.com/i/web/status/1235675046489649152 | everythingcybr |
2020-03-05 16:00:02 | WARNING: #Apache #Tomcat Sofware contains vulnerability CVE-2020-1938, a.k.a. #GhostCat. Could allow remote attack… https://t.co/DhYWlFYjpD https://twitter.com/i/web/status/1235595930646261761 | certbe |
2020-03-05 09:40:04 | @n0x08 @campuscodi FYI Official KB CVE-2020-1938 by F5 ↘️ https://t.co/Ilg6vgT86u https://support.f5.com/csp/article/K53254186 | SwitHak |
2020-03-05 09:20:03 | Fix for CVE-2020-1938 #Ghostcat #Vulnerability on #Datafari Community Edition. Hi all, in case you have a Datafari… https://t.co/srAELfPbuI https://twitter.com/i/web/status/1235492419317178368 | francelabs |
2020-03-05 09:20:03 | [Apache] https://t.co/qzpufFgUQs [注目技術記事] Apache Tomcatの脆弱性(CVE-2020-1938)を狙ったと思われる8009/tcpへのアクセス増加... https://t.co/TxhUF5Re9f #Apache https://www.tech-run.net/ja/contents/apache https://wizsafe.iij.ad.jp/2020/03/929/ | TechRunJa |
2020-03-05 07:20:08 | Ghostcat Tomcat Vulnerability Check【 CVE-2020-1938 】 https://t.co/J7pMthm5aa https://github.com/chaitin/xray | cihanmehmets |
2020-03-05 03:40:04 | GitHub Trending Archive, 03 Mar 2020, Python. xindongzhuaizhuai/CVE-2020-1938, puzzlelib/PuzzleLib, nibiwodong/CNVD… https://t.co/N34PIZson3 https://twitter.com/i/web/status/1235407207056850944 | motakasoft |
2020-03-04 13:20:03 | Ghostcat, an Apache Tomcat sever vulnerability (CNVD-2020-10487/CVE-2020-1938) https://t.co/WYH5BA0cP1 #BMCsoftware http://bit.ly/39qQ4YM | BMCCommunities |
2020-03-04 10:50:06 | Analyzing traffic from a POC for the Apache Tomcat vulnerbaility CVE-2020-1938 (Ghostcat) which includes arbitrary… https://t.co/VvzcBgPmPW https://twitter.com/i/web/status/1235153818234605568 | vulmon_ |
2020-03-04 10:50:05 | CVE-2020-1938 alias GhostCat NVD: https://t.co/dn4BtOiaHQ Website: https://t.co/nEZp7Ug5ki Patched TomCat versi… https://t.co/Sb75jtLNGR https://nvd.nist.gov/vuln/detail/CVE-2020-1938 https://www.chaitin.cn/en/ghostcat https://twitter.com/i/web/status/1235154776628834304 | CKsTechNews |
2020-03-04 10:40:03 | Analyzing traffic from a POC for the Apache vulnerbaility CVE-2020-1938 which includes arbitrary file reads with l… https://t.co/Q0A1kk3W4e https://twitter.com/i/web/status/1235152968976039937 | vulmon_ |
2020-03-04 09:10:46 | CVE-2020-1938 (tomcat) | When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming conn… https://t.co/MGuRy8CqtJ https://twitter.com/i/web/status/1233801805399613440 | ZeroSecVulns |
2020-03-04 08:10:06 | Kritische Lücke (9.8/10) "Ghostcat" in Apache #Tomcat-Versionen seit 6.0 (CVE-2020-1938) | #Ghostcat #Security https://t.co/bTY5ZffD78 https://www.heise.de/security/meldung/Jetzt-patchen-Kritische-Luecke-Ghostcat-in-Apache-Tomcat-Versionen-seit-6-0-4673983.html | hochsicherheit |
2020-03-04 07:50:03 | ⚠️ GhostCat ~ Una nueva vulnerabilidad de 'lectura / inclusión de archivos' de alto riesgo (CVE-2020-1938) afecta a… https://t.co/wyDPifDbYT https://twitter.com/i/web/status/1235107808632176644 | adominguezc |
2020-03-04 04:50:03 | UniFi controller 5.12.35 has Tomcat 8.5.34 which is vulnerable to CVE-2020-1938, right? Doesn’t open AJP port by default. #GhostCat | acyberexpert |
2020-03-04 03:40:03 | GitHub Trending Archive, 02 Mar 2020, Python. xindongzhuaizhuai/CVE-2020-1938, puzzlelib/PuzzleLib, nibiwodong/CNVD… https://t.co/Q2RhbnWMlj https://twitter.com/i/web/status/1235044821305196544 | motakasoft |
2020-03-04 03:20:04 | Apache Tomcatの脆弱性(CVE-2020-1938)を狙ったと思われる8009/tcpへのアクセス増加 – wizSafe Security Signal -安心・安全への道標- IIJ https://t.co/jnKhMX8wgz https://wizsafe.iij.ad.jp/2020/03/929/ | miyabi_ver39 |
2020-03-04 01:00:03 | Apache Tomcatの脆弱性(CVE-2020-1938)を狙ったと思われる8009/tcpへのアクセス増加 – wizSafe Security Signal -安心・安全への道標- IIJ https://t.co/DuLmTPC1o4 https://wizsafe.iij.ad.jp/2020/03/929/ | spread_jp |
2020-03-03 23:50:06 | Apache Tomcatの脆弱性(CVE-2020-1938)を狙ったと思われる8009/tcpへのアクセス増加 – wizSafe Security Signal -安心・安全への道標- IIJ https://t.co/M8R5z16MJo https://wizsafe.iij.ad.jp/2020/03/929/ | kenko1026 |
2020-03-03 23:40:04 | Apache Tomcatの脆弱性(CVE-2020-1938)を狙ったと思われる8009/tcpへのアクセス増加 – wizSafe Security Signal -安心・安全への道標- IIJ https://t.co/Fo9aVEYr0b https://wizsafe.iij.ad.jp/2020/03/929/ | kuzugunshi |
2020-03-03 23:10:04 | Apache Tomcatの脆弱性(CVE-2020-1938)を狙ったと思われる8009/tcpへのアクセス増加 – wizSafe Security Signal -安心・安全への道標- IIJ https://t.co/ILhlxYeSnS https://wizsafe.iij.ad.jp/2020/03/929/ | miwachang |
2020-03-03 16:10:03 | Jetzt patchen: Kritische Lücke #Ghostcat in @TheASF @TheApacheTomcat Versionen #ajp seit 6.0 #CVE-2020-1938 ist… https://t.co/efJz7DRdGC https://twitter.com/i/web/status/1234873644716871680 | fpientka |
2020-03-03 15:40:03 | CVE-2020-1938: Tomcat is dead | ricardoarguello |
2020-03-03 14:50:06 | Tema para revisar: ¿Cómo afecta la vulnerabilidad CVE-2020-1938 de #Tomcat apodada #Ghostcat a los servidores de… https://t.co/RT15C7WuX8 https://twitter.com/i/web/status/1234852802805010433 | rfb_ |
2020-03-03 13:30:04 | New Apache Tomcat Vulnerability affecting all releases from the past 13 years. (CVE-2020-1938) https://t.co/5MVUOtJeQJ https://thehackernews.com/2020/02/ghostcat-new-high-risk-vulnerability.html | JoshMcGruff |
2020-03-03 10:40:03 | java: Apache Tomcatの脆弱性(CVE-2020-1938)を狙ったと思われる8009/tcpへのアクセス増加 – wizSafe Security Signal -安心・安全への道標- IIJ https://t.co/kErFUL95lK https://wizsafe.iij.ad.jp/2020/03/929/ | RSS_hateb_l_Roy |
2020-03-03 09:00:07 | ちょっとお仕事に関係あるのでメモ。 Apache Tomcatの脆弱性(CVE-2020-1938)を狙ったと思われる8009/tcpへのアクセス増加 – wizSafe Security Signal -安心・安全への道標-… https://t.co/4zoSHF1VyD https://twitter.com/i/web/status/1234763821824147456 | tk6904 |
2020-03-03 07:40:03 | Ghostcat (CVE-2020-1938): ongoing scans for unpatched Apache Tomcat servers. Patch now! https://t.co/vu2CHWaXaF "A… https://t.co/ZKBeUoPLdx https://www.andreafortuna.org/2020/03/03/ghostcat-cve-2020-1938-ongoing-scans-for-unpatched-apache-tomcat-servers-patch-now/ https://twitter.com/i/web/status/1234744715364327425 | catnap707 |
2020-03-03 06:20:03 | Critical Alert: A Vulnerability in Apache Tomcat Could Allow for Arbitrary File Reading (CVE-2020-1938)… https://t.co/tXHAqfZ3Rq https://twitter.com/i/web/status/1234722990656344069 | bgdegovcirt |
2020-03-03 03:40:04 | GitHub Trending Archive, 01 Mar 2020, Python. xindongzhuaizhuai/CVE-2020-1938, puzzlelib/PuzzleLib, alibaba/genie-b… https://t.co/09SwmkVTOV https://twitter.com/i/web/status/1234682431438934017 | motakasoft |
2020-03-03 03:10:05 | Apache Tomcatの脆弱性(CVE-2020-1938)を狙ったと思われる8009/tcpへのアクセス増加 – wizSafe Security Signal -安心・安全への道標- IIJ https://t.co/H0Q0loWPpv https://wizsafe.iij.ad.jp/2020/03/929/ | DespairFEAR |
2020-03-03 03:00:09 | 【脆弱性情報】 "CVE-2020-1938" Apache TomcatにおいてAJP(Apache JServ Protocol)リクエスト送信を利用しWebアプリケーションを攻撃できる可能性を持つ脆弱性が報告されています。… https://t.co/xjKJ48r3wx https://twitter.com/i/web/status/1234673049158373376 | yamory_sec |
2020-03-03 02:10:06 | Apache Tomcatの脆弱性(CVE-2020-1938)を狙ったと思われる8009/tcpへのアクセス増加 – wizSafe Security Signal -安心・安全への道標- IIJ https://t.co/6JR5GPongt https://wizsafe.iij.ad.jp/2020/03/929/ | ohhara_shiojiri |
2020-03-03 01:50:03 | Apache Tomcatの脆弱性(CVE-2020-1938)を狙ったと思われる8009/tcpへのアクセス増加 – wizSafe Security Signal -安心・安全への道標- IIJ https://t.co/43DSF9MlOV https://wizsafe.iij.ad.jp/2020/03/929/ | raydive |
2020-03-03 01:20:05 | Apache Tomcat における脆弱性(CVE-2020-1938)について:IPA 独立行政法人 情報処理推進機構 - https://t.co/f2loKfnGFb おっと、知らんかった https://www.ipa.go.jp/security/ciadr/vul/alert20200225.html | od_10z |
2020-03-03 00:00:04 | AJPを使用するケースの脆弱性。 / 他3件のコメント https://t.co/bLYHRLp80u “Apache Tomcatの脆弱性(CVE-2020-1938)を狙ったと思われる8009/tcpへのアクセス増加 – wi… https://t.co/pABCr7XUzm https://b.hatena.ne.jp/entry/s/wizsafe.iij.ad.jp/2020/03/929/ https://twitter.com/i/web/status/1234628294542118914 | ryuichi_1208 |
2020-03-02 22:50:03 | Apache Tomcatの脆弱性(CVE-2020-1938)を狙ったと思われる8009/tcpへのアクセス増加 https://t.co/sxRFvkTffu https://wizsafe.iij.ad.jp/2020/03/929/ | kabukawa |
2020-03-02 22:20:03 | Apache Tomcatの脆弱性(CVE-2020-1938)を狙ったと思われる8009/tcpへのアクセス増加 – wizSafe Security Signal -安心・安全への道標- IIJ https://t.co/zRwIX18kVy https://wizsafe.iij.ad.jp/2020/03/929/ | MyM4i |
2020-03-02 22:00:03 | Apache Tomcatの脆弱性(CVE-2020-1938)を狙ったと思われる8009/tcpへのアクセス増加 – wizSafe Security Signal -安心・安全への道標- IIJ https://t.co/PvXoRNqaYu https://wizsafe.iij.ad.jp/2020/03/929/ | araki_luka |
2020-03-02 18:20:06 | CVE-2020-1938: #Ghostcat vulnerability https://t.co/D2mORbcvh6 #infosec < through an exposed AJP Connector on 8009/… https://t.co/8k3muXnL6T https://buff.ly/2Tw4Vud https://twitter.com/i/web/status/1234542514671116288 | domineefh |
2020-03-02 17:30:03 | Apache Tomcat File Inclusion #Vulnerability (CVE-2020-1938) https://t.co/WTPB9Cu5FE #cybersecurity https://t.co/U4NmrIY2cp https://buff.ly/2TxiM3r | NcuIsao |
2020-03-02 16:30:04 | Apache Tomcatの脆弱性(CVE-2020-1938)を狙ったと思われる8009/tcpへのアクセス増加 https://t.co/CFCErG2Ud0 https://wizsafe.iij.ad.jp/2020/03/929/ | Yamaguchi4869 |
2020-03-02 15:10:07 | For those of you that are running Apache Tomcat. Check out CVE-2020-1938. #Ghostcat #Patch #Vulnerability | wtfopsecmonkey |
2020-03-02 14:30:04 | @__KOPEK__ CVE-2020-1938 me ha hecho el mes, | poisoncuba |
2020-03-02 13:50:03 | CVE-2020-1938 This is a widespread vulnerability that puts most if not all customers at risk... GhostCat: New High… https://t.co/MhbDa3DbBA https://twitter.com/i/web/status/1234474860128227337 | EhrichRoberts |
2020-03-02 11:50:03 | CVE-2020-1938: Ghostcat aka Tomcat 9/8/7/6 Tenable post from Feb 21st: https://t.co/DJbpZWEIe7 Discovery:… https://t.co/X5q3bPgL9z https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487 https://twitter.com/i/web/status/1234445722528944128 | ronnieflip |
2020-03-02 09:20:03 | CVE-2020-1938の件、外部にport8009開けてる人なんていないだろ、と一瞬思ったけどmod_proxy_ajpとかでプロキシしてる例は数多あるから相当アレだった。 | chonaso |
2020-03-02 08:50:07 | TheHackersNews : RT TheHackersNews: 🐱 GhostCat ~ A new high risk 'file read/inclusion' vulnerability (CVE-2020-1938… https://t.co/bngKLLrMxj https://twitter.com/i/web/status/1234398636748025856 | byHoRRoR |
2020-03-02 08:30:05 | Apache Tomcatの脆弱性(CVE-2020-1938)を狙ったと思われる8009/tcpへのアクセス増加 – wizSafe Security Signal -安心・安全への道標- IIJ https://t.co/vNUOLSPu7l https://wizsafe.iij.ad.jp/2020/03/929/ | ka0com |
2020-03-02 08:20:04 | セキュリティ情報発信サイト「wizSafe Security Signal」に「Apache Tomcatの脆弱性(CVE-2020-1938)を狙ったと思われる8009/tcpへのアクセス増加」を掲載。本件に関し、IIJ SOC… https://t.co/PJZxafnhpY https://twitter.com/i/web/status/1234392157840007168 | IIJ_PR |
2020-03-02 08:20:04 | 先日、Apache Tomcatの脆弱性(CVE-2020-1938)が発表されました。IIJのSOCでもこの脆弱性を狙ったと思われる攻撃を多数観測しています。当該の通信を拒否するなどの対策をご検討ください。 IIJ SOCからの… https://t.co/PLBYFHWxzP https://twitter.com/i/web/status/1234391483836321792 | IIJ_doumae |
2020-03-02 05:00:03 | GhostCat: New High-Risk Vulnerability (CVE-2020-1938) Affects Servers Running Apache Tomcat via @TheHackersNews… https://t.co/64ScvCtfAe https://twitter.com/i/web/status/1234342670102740992 | proficioinc |
2020-03-02 04:30:03 | 脆弱性Ghostcat(Apache Tomcatの脆弱性CVE-2020-1938) の脅威について - みっきー申す https://t.co/lzFHTgTLyk https://micro-keyword.hatenablog.com/entry/2020/02/29/185235 | w4yh |
2020-03-02 03:40:03 | GitHub Trending Archive, 29 Feb 2020, Python. xindongzhuaizhuai/CVE-2020-1938, alibaba/genie-bt-mesh-stack, nibiwod… https://t.co/yBYERGMRK0 https://twitter.com/i/web/status/1234320045066506243 | motakasoft |
2020-03-02 00:30:03 | CVE-2020-1938: Ghostcat aka Tomcat 9/8/7/6 in the default configuration (port 8009) leading to disclosure of config… https://t.co/yoc1L1Geji https://twitter.com/i/web/status/1234274369209171968 | blueteamsec1 |
2020-03-01 23:30:03 | CVE-2020-1938 has a logo. WE'RE AT DEFCON1 PEOPLE! https://t.co/yCcvmENfR3 | 4d5a_etc |
2020-03-01 17:50:03 | CVE-2020-1938: Ghostcat aka Tomcat 9/8/7/6 in the default configuration (port 8009) leading to disclosure of config… https://t.co/X9IpXZQTjg https://twitter.com/i/web/status/1234173978962468864 | chris_foulon |
2020-03-01 14:10:03 | Custom Snort signature to detect CVE-2020-1938 exploitation https://t.co/byNL49v5xB https://raw.githubusercontent.com/bhdresh/SnortRules/master/Exploit/CVE-2020-1938.rules | bhdresh |
2020-03-01 12:30:03 | Tomcat LFI CVE-2020-1938 https://t.co/YI0H3V9XoH https://lists.apache.org/x/thread.html/r7c6f492fbd39af34a68681dbbba0468490ff1a97a1bd79c6a53610ef%40%3Cannounce.tomcat.apache.org%3E | jameel_nabbo |
2020-03-01 09:20:04 | CVE-2020-1938: Ghostcat aka Tomcat 9/8/7/6 in the default configuration (port 8009) leading to disclosure of … https://t.co/5ofkcuJVrL https://www.reddit.com/r/netsec/comments/fbf63w/cve20201938_ghostcat_aka_tomcat_9876_in_the/ | redd_anon |
2020-03-01 08:50:08 | TheHackersNews : 🐱 GhostCat ~ A new high risk 'file read/inclusion' vulnerability (CVE-2020-1938) affects all versi… https://t.co/KmEziBOZSk https://twitter.com/i/web/status/1234036272370536448 | byHoRRoR |
2020-03-01 08:10:04 | TheHackersNews: RT TheHackersNews: 🐱 GhostCat ~ A new high risk 'file read/inclusion' vulnerability (CVE-2020-1938)… https://t.co/EDR6kAUrlJ https://twitter.com/i/web/status/1234027401392332800 | B01Group |
2020-03-01 03:10:05 | Ghostcat is a high-risk file read / include vulnerability in Tomcat CVE-2020-1938: Ghostcat vulnerability https://t.co/mJTpiw4SUw https://www.chaitin.cn/en/ghostcat | unleashedmen |
2020-03-01 03:00:03 | CVE-2020-1938: Ghostcat vulnerability https://t.co/mJTpiw4SUw https://www.chaitin.cn/en/ghostcat | unleashedmen |
2020-02-29 23:10:04 | Der AJP-Handler im Apache Tomcat zieht den Hauptgewinn. CVSS 9.8 in CVE-2020-1938 - https://t.co/4sJre0xDWZ - Achtu… https://t.co/QXDkmv0BkY https://www.chaitin.cn/en/ghostcat https://twitter.com/i/web/status/1233889939240161280 | gnuheidix |
2020-02-29 21:50:03 | Ghostcat (CVE-2020-1938) How does it work?: https://t.co/nEZp7Ug5ki Info: By default and listens at TCP port 8009… https://t.co/6xllDPhnra https://www.chaitin.cn/en/ghostcat https://twitter.com/i/web/status/1233870239848435712 | CKsTechNews |
2020-02-29 19:10:03 | CVE-2020-1938 YARA rule - Detect actively used Apach Tomcat AJP connector flaw https://t.co/UduiSS3Ui5 https://github.com/Neo23x0/signature-base/blob/master/yara/vul_cve_2020_1938.yar | Anastasis_King |
2020-02-29 18:10:06 | CVE-2020-1938: Ghostcat aka Tomcat 9/8/7/6 in the default configuration (port 8009) leading to disclosure of https://t.co/JA3xSENb7s http://hrbt.us/192478 | hardreboot |
2020-02-29 17:50:05 | CVE-2020-1938: Ghostcat aka Tomcat 9/8/7/6 in the default configuration (port 8009) leading to disclosure of config… https://t.co/8HgegK3RFa https://twitter.com/i/web/status/1233810010414686208 | rtcz_io |
2020-02-29 17:20:06 | New post: "CVE-2020-1938: Ghostcat aka Tomcat 9/8/7/6 in the default configuration (port 8009) leading to disclosur… https://t.co/EbQyej9WlS https://twitter.com/i/web/status/1233802192676626439 | Myinfosecfeed |
2020-02-29 17:20:05 | @steventseeley @pedrib1337 So, the correct CVSS Base Score of CVE-2020-1938 (Ghostcat) should be 3.3. Attack Vector… https://t.co/eFTE2cDDoU https://twitter.com/i/web/status/1233803055692492801 | joaomatosf |
2020-02-29 17:10:06 | CVE-2020-1938: Ghostcat aka Tomcat 9/8/7/6 in the default configuration (port 8009) leading to disclosure of config… https://t.co/FIfefYs8Pk https://twitter.com/i/web/status/1233798615065194496 | _r_netsec |
2020-02-29 16:30:05 | GitHub - laolisafe/CVE-2020-1938: CVE-2020-1938漏洞复现 https://t.co/ANEaJt9gIp https://github.com/laolisafe/CVE-2020-1938 | n0ipr0cs |
2020-02-29 16:30:04 | GitHub - 0nise/CVE-2020-1938: CVE-2020-1938 https://t.co/zhZ6Y75dUH https://github.com/0nise/CVE-2020-1938 | n0ipr0cs |
2020-02-29 16:30:04 | GitHub - xindongzhuaizhuai/CVE-2020-1938 https://t.co/UzOC5xOTzp https://github.com/xindongzhuaizhuai/CVE-2020-1938 | n0ipr0cs |
2020-02-29 16:10:06 | CVE-2020-1938 | BufferBandit |
2020-02-29 14:50:06 | Another day, another press-hyped celebrity vuln, this time "Ghostcat" (CVE-2020-1938) : a strong potential RCE & d… https://t.co/lOpLUPihkg https://twitter.com/i/web/status/1233763613090906112 | hrbrmstr |
2020-02-29 13:10:07 | FullHunt has been monitoring #GhostCat vulnerability (CVE-2020-1938). This vulnerability affects all versions of Ap… https://t.co/wMBYbQHVIu https://twitter.com/i/web/status/1233737771833077760 | FullHunt |
2020-02-29 11:50:08 | "RT TheHackersNews: 🐱 GhostCat ~ A new high risk 'file read/inclusion' vulnerability (CVE-2020-1938) affects all ve… https://t.co/lNWhQrOXIJ https://twitter.com/i/web/status/1233716347516997632 | trip_elix |
2020-02-29 11:10:07 | https://t.co/E0FLm73ypy CVE-2020-1938: Ghostcat vulnerability https://www.chaitin.cn/en/ghostcat | 1nf0s3cpt |
2020-02-29 10:00:04 | はてなブログに投稿しました 脆弱性Ghostcat(Apache Tomcatの脆弱性CVE-2020-1938) の脅威について - みっきー申す https://t.co/M184UhSoGm #はてなブログ https://micro-keyword.hatenablog.com/entry/2020/02/29/185235 | microkeyword |
2020-02-29 09:50:06 | 🐱 GhostCat ~ A new high risk 'file read/inclusion' vulnerability (CVE-2020-1938) affects all versions of 'Apache To… https://t.co/FltpVoamcA https://twitter.com/i/web/status/1233688382695510016 | security_wang |
2020-02-29 09:50:05 | #ghostcat CVE-2020-1938 #shodan results: product:"Apache Tomcat/Coyote JSP engine" port:"8009"… https://t.co/yoifx4B4Cv https://twitter.com/i/web/status/1233690232341454848 | x1sec |
2020-02-29 09:40:04 | 今見てる: 0nise/CVE-2020-1938: CVE-2020-1938: https://t.co/q8dL0MV8KG https://github.com/0nise/CVE-2020-1938 | py_n_ |
2020-02-29 09:40:03 | CVE-2020-1938 #apache #tomcat #shodan results: product:"Apache Tomcat/Coyote JSP engine" port:"8009" https://t.co/FMMY45EoRI | x1sec |
2020-02-29 09:30:05 | Ghostcat (CVE-2020-1938) impacts all Apache #Tomcat versions released in the last 13 years! Write-up:… https://t.co/oCoW5bA3Kf https://twitter.com/i/web/status/1233685434833735680 | PenTesting |
2020-02-29 09:00:06 | CNVD-2020-10487-Tomcat-ajp-POC - CNVD-2020-10487(CVE-2020-1938), tomcat ajp 文件读取漏洞poc https://t.co/y1XAHalkai http://github.com/nibiwodong/CNVD-2020-10487-Tomcat-ajp-POC | pythontrending |
2020-02-29 09:00:05 | CVE-2020-1938 - https://t.co/2IG0MDygDH http://github.com/xindongzhuaizhuai/CVE-2020-1938 | pythontrending |
2020-02-29 08:20:14 | TheHackersNews: 🐱 GhostCat ~ A new high risk 'file read/inclusion' vulnerability (CVE-2020-1938) affects all versio… https://t.co/OpEZzCeD9Z https://twitter.com/i/web/status/1233664991246594055 | B01Group |
2020-02-29 05:50:04 | 🐱 GhostCat ~ A new high risk 'file read/inclusion' vulnerability (CVE-2020-1938) affects all versions of 'Apache To… https://t.co/vOycnJ8D93 https://twitter.com/i/web/status/1233627972436885504 | unix_root |
2020-02-29 02:40:05 | CVE-2020-1938 YARA rule - Detect actively used Apach Tomcat AJP connector flaw https://t.co/fgU7DekjaQ https://github.com/Neo23x0/signature-base/blob/master/yara/vul_cve_2020_1938.yar | SuBfL0w |
2020-02-29 01:40:05 | CVE-2020-1938: Ghostcat vulnerability https://t.co/G49k5YjVUL https://www.chaitin.cn/en/ghostcat | tuxotron |
2020-02-29 00:30:05 | Apache Tomcat の脆弱性 (CVE-2020-1938) に関する注意喚起 https://t.co/1ZH0SvJJXW @jpcert https://www.jpcert.or.jp/at/2020/at200009.html | morimori_nori |
2020-02-28 22:40:05 | More reasons to GeoIP fence off IP space from #China, as the majority of attacks exploiting CVE-2020-1938 originate… https://t.co/tPSXXjmXoF https://twitter.com/i/web/status/1233518946894196737 | envescent |
2020-02-28 22:20:04 | Admittedly, we should've had CVE-2020-1938 added into monitoring sooner. Regardless, you can still query our API fo… https://t.co/8VySC2Koak https://twitter.com/i/web/status/1233515911161765888 | bad_packets |
2020-02-28 21:50:06 | #GhostCat ~ A new high risk 'file read/inclusion' vulnerability (CVE-2020-1938) affects all versions of 'Apache Tom… https://t.co/AuVWLE12V0 https://twitter.com/i/web/status/1233509369356132354 | YourAnonRiots |
2020-02-28 21:44:09 | 「Apache Tomcat」に複数の脆弱性、CVE-2020-1938には注意喚起も https://t.co/JvLUvRyyrm https://allnews05.x-day.tokyo/?p=37749 | SaishinNews0 |
2020-02-28 21:00:03 | あ、Tomcatの脆弱性(CVE-2020-1938 )、IPAのほうは7-9の一部のバージョンって書いてあったけど、ここはちゃんと書いてあるわ...6.xって(ま、まぁ「他のバージョンもあるかもよってIPAのほうはぼかしていたの… https://t.co/Ye31tZxMNO https://twitter.com/i/web/status/1233496766252769284 | g_plains |
2020-02-28 20:10:03 | AJP(Apache JServ Protocol)リクエストを用いてファイル読み出しができる脆弱性ですが油断してたら名前付いてた。 CVE-2020-1938: Ghostcat vulnerability https://t.co/W9w6t7nqGw https://www.chaitin.cn/en/ghostcat | ntsuji |
2020-02-28 19:50:08 | Cat face GhostCat ~ A new high risk 'file read/inclusion' #vulnerability (CVE-2020-1938) affects all versions of 'A… https://t.co/iGNxFBhOmW https://twitter.com/i/web/status/1233477431899643909 | lgomezperu |
2020-02-28 19:41:10 | CVE-2020-1938: Ghostcat vulnerability https://t.co/tSiDwjDUVo http://hrbt.us/192394 | hardreboot |
2020-02-28 19:41:08 | CVE-2020-1938: Ghostcat vulnerability https://t.co/ldc28I7jUq #appsec #security #secops https://ift.tt/2TmUSI1 | rtcz_io |
2020-02-28 19:00:09 | This week's threat report discusses the CVE-2020-1938, which has been given the name of "GhostCat" by the security… https://t.co/IcPYLavkuf https://twitter.com/i/web/status/1233464635090751488 | Avertium |
2020-02-28 19:00:07 | 🐱 GhostCat ~ A new high risk 'file read/inclusion' vulnerability (CVE-2020-1938) affects all versions of 'Apache To… https://t.co/DuPmY5LCQh https://twitter.com/i/web/status/1233465827158110209 | massilanzi |
2020-02-28 19:00:05 | "🐱 GhostCat ~ A new high risk 'file read/inclusion' vulnerability (CVE-2020-1938) affects all versions of 'Apache T… https://t.co/yiMK7sVwRF https://twitter.com/i/web/status/1233465951674413058 | trip_elix |
2020-02-28 18:50:04 | 🐱 GhostCat ~ A new high risk 'file read/inclusion' vulnerability (CVE-2020-1938) affects all versions of 'Apache To… https://t.co/l8Que8bVRN https://twitter.com/i/web/status/1233463648728866816 | cloudsilicon |
2020-02-28 18:40:07 | CVE-2020-1938 | josuechaqui |
2020-02-28 18:30:08 | 🐱 GhostCat ~ A new high risk 'file read/inclusion' vulnerability (CVE-2020-1938) affects all versions of 'Apache To… https://t.co/runveKrC8J https://twitter.com/i/web/status/1233458874088214528 | TheHackersNews |
2020-02-28 18:30:05 | 🐱 GhostCat ~ A new high risk 'file read/inclusion' vulnerability (CVE-2020-1938) affects all versions of 'Apache To… https://t.co/UPjTE0vnrh https://twitter.com/i/web/status/1233459146726543362 | Swati_THN |
2020-02-28 18:20:05 | New post: "CVE-2020-1938: Ghostcat vulnerability" https://t.co/jo4QmsGaX2 https://ift.tt/2PylJQq | Myinfosecfeed |
2020-02-28 18:00:04 | CVE-2020-1938: Ghostcat vulnerability https://t.co/fp60F31N2q https://www.chaitin.cn/en/ghostcat | _r_netsec |
2020-02-28 16:10:06 | Ghostcat: Critical Tomcat vulnerability (CVE-2020-1938) https://t.co/R8rRIuvAOy #Cybersecurity #Apache #Tomcat https://t.co/GkGltaVoK3 https://buff.ly/2Tm0u5q | securezoo |
2020-02-28 15:30:03 | CVE-2020-1938 https://t.co/uDYoQ5kBCk https://twitter.com/campuscodi/status/1233400508435619845 | w0mbat5eoul |
2020-02-28 14:50:06 | @campuscodi #EmojiVuln CVE-2020-1938 Ghostcat 👻😺 https://t.co/cF3N14K98P https://twitter.com/justin_lister/status/1233393920953815040?s=21 | justin_lister |
2020-02-28 14:40:03 | Here's the Ghostcat (CVE-2020-1938) write-up: https://t.co/ovLGYPxguJ PoC 1: https://t.co/eV1MmJPfXk PoC 2:… https://t.co/hl7Kr4srI7 https://www.chaitin.cn/en/ghostcat https://github.com/laolisafe/CVE-2020-1938 https://twitter.com/i/web/status/1233401403596558342 | campuscodi |
2020-02-28 11:30:04 | Apache Tomcat の脆弱性 (CVE-2020-1938) に関する注意喚起 https://t.co/63CPyphOJt @jpcert https://www.jpcert.or.jp/m/at/2020/at200009.html | PpCube |
2020-02-28 10:30:27 | CVE-2020-1938の検証をやってみた-その2コマンド実行の検証 https://t.co/HtR53VXIGC "AJPの脆弱性をついてファイルにアクセスした際はファイル内容をjspとして取り扱ってくれるのでこういった現象が発生しています" https://nekotosec.com/cve-2020-1938-verification-2/ | catnap707 |
2020-02-28 09:30:05 | CVE-2020-1938の検証をやってみた-その2コマンド実行の検証 https://t.co/5khs5LiWv5 https://nekotosec.com/cve-2020-1938-verification-2/ | submoodle |
2020-02-28 09:10:08 | 🔴APACHE🔴 Múltiples vulnerabilidades de severidad alta en productos APACHE: CVE-2014-4651,CVE-2020-1938 Más info… https://t.co/jhPPY8nPQG https://twitter.com/i/web/status/1233314655868801024 | GrupoICA_Ciber |
2020-02-28 08:30:12 | CVE-2020-1938の検証をやってみた-その2コマンド実行の検証 https://t.co/8zTCr3CLuU https://nekotosec.com/cve-2020-1938-verification-2/ | ka0com |
2020-02-28 07:10:03 | Apache Tomcat の脆弱性 (CVE-2020-1938) に関する注意喚起 https://t.co/Df1FdyQZW1 https://www.jpcert.or.jp/at/2020/at200009.html | ohhara_shiojiri |
2020-02-28 06:40:03 | Apache Tomcat の脆弱性 (CVE-2020-1938) に関する注意喚起を更新。「IV.回避策」と「V.参考情報」を更新しました。アップデートの実施が難しい場合には、回避策の検討を。^YK https://t.co/SelBWjCpV4 https://www.jpcert.or.jp/at/2020/at200009.html | jpcert |
2020-02-28 05:20:03 | CVE-2020-1938 推奨されるapache httpdの対処で、ProxyPassでsecret指定する、ってapache 2.4でやってもシンタックスエラーになる… | asmodsky |
2020-02-28 05:10:03 | 「Apache Tomcat」に複数の脆弱性、CVE-2020-1938には注意喚起も(JVN) https://t.co/PfSszGnB84 https://scan.netsecurity.ne.jp/article/2020/02/26/43734.html | yossy_0226 |
2020-02-28 04:30:03 | 「Apache Tomcat」に複数の脆弱性、CVE-2020-1938には注意喚起も(JVN) https://t.co/SBo9xT3Z6I https://scan.netsecurity.ne.jp/article/2020/02/26/43734.html | ScanNetSecurity |
2020-02-28 03:30:03 | 前回の記事に興味がある人がいるようなので、特定条件下でのコマンド実行を検証したでござる。 間違っていた内容があれば教えてください。 CVE-2020-1938の検証をやってみた-その2コマンド実行の検証 https://t.co/LbgGn5SyJE https://nekotosec.com/cve-2020-1938-verification-2/ | tokoroten0813 |
2020-02-27 16:30:48 | Ghostcat is a high-risk file read / include vulnerability in Tomcat - 【 CVE-2020-1938 】- online test https://t.co/TnbFJy0sfx https://www.chaitin.cn/en/ghostcat#online_test | osvaldo_hp |
2020-02-27 15:50:05 | Current Status of CVE-2020-1938: #Ghostcat within #Germany. Vulnerable 1260/58431 (8009 open) Top ASNs 345 AS24940… https://t.co/uJhdR4yODW https://twitter.com/i/web/status/1233055589292552193 | schniggie |
2020-02-27 15:00:19 | Just stumbled upon CVE-2020-1938 : When was the last time you updated your Apache #Tomcat installation? Up to 7.0… https://t.co/Xyf4YX9FfA https://twitter.com/i/web/status/1233043764857446400 | 2smart4u |
2020-02-27 14:20:04 | Ghostcat (CVE-2020-1938), a brand-new file inclusion vulnerability in Apache Tomcat https://t.co/boC0H7nlBm https://www.andreafortuna.org/2020/02/25/ghostcat-cve-2020-1938-a-serious-file-inclusion-vulnerability-in-apache-tomcat/ | osvaldo_hp |
2020-02-27 14:02:12 | CVE-2020-1938の検証をやってみた - https://t.co/ohl0DhYiWj https://nekotosec.com/cve-2020-1938-verification/ | ka0com |
2020-02-27 03:30:04 | Apache Tomcat の脆弱性 (CVE-2020-1938) に関する注意喚起 https://t.co/DJeXi3AK2p https://www.jpcert.or.jp/at/2020/at200009.html | spread_jp |
2020-02-27 00:10:03 | コロナの影に隠れがちですが、個人的な感想として結構ヤバめなtomcatの脆弱性を検証してみました。 外部からでも攻撃できそうなところもあるかなと 内部からならかなり行ける気がする CVE-2020-1938の検証をやってみた https://t.co/WRSY6BJLl3 https://nekotosec.com/cve-2020-1938-verification/ | tokoroten0813 |
2020-02-26 21:30:04 | 「Apache Tomcat」に複数の脆弱性、CVE-2020-1938には注意喚起も(JVN) https://t.co/Dr2X6sVvlI https://t.co/yOAK3H1cLA http://izumino.jp/Security/sec_trend.cgi?ref=tw&ref_date=2020-02-27%2006%3A20 https://www.excite.co.jp/news/article/Scannetsecurity_43734/ | sec_trend |
2020-02-26 11:50:06 | 注意喚起: Apache Tomcat の脆弱性 (CVE-2020-1938) に関する注意喚起 (公開) https://t.co/vyHnFraq9p https://www.jpcert.or.jp/at/2020/at200009.html | microkeyword |
2020-02-26 11:30:03 | 「Apache Tomcatの脆弱性」 (CVE-2020-1938) ↓ リモートでのコード実行や 情報漏洩の可能性があります。 意外なところで使用されている ので、ご注意を! 例えば、、 ・複合機 ・ネット… https://t.co/QzpktwKzr1 https://twitter.com/i/web/status/1232628656159084544 | hyougase |
2020-02-26 07:31:41 | Ghostcat (CVE-2020-1938), a brand-new file inclusion vulnerability in Apache Tomcat https://t.co/kJZthbgSsL https://www.andreafortuna.org/2020/02/25/ghostcat-cve-2020-1938-a-serious-file-inclusion-vulnerability-in-apache-tomcat/ | Cyber_O51NT |
2020-02-26 07:10:08 | Security Alert: Alert Regarding Vulnerability (CVE-2020-1938) in Apache Tomcat https://t.co/ceuYL15g7S #CERT… https://t.co/BWadweDk7B http://bit.ly/2wOg566 https://twitter.com/i/web/status/1232561092611727365 | cyberdian_cert |
2020-02-26 03:50:05 | う、ういっす Apache Tomcat の脆弱性 (CVE-2020-1938) に関する注意喚起 https://t.co/NaXrp8HVvM @jpcert http://www.jpcert.or.jp/at/2020/at200009.html | 0315Takabp |
2020-02-26 03:30:03 | CVE-2020-1938: Ghostcat Apache Tomcat AJP File Read/Inclusion Vulnerability (CNVD-2020-10487) https://t.co/xz74qoLT1w http://tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487 | terajiro |
2020-02-26 03:10:07 | アップデートしよう / “「Apache Tomcat」に複数の脆弱性、CVE-2020-1938には注意喚起も(JVN) | ScanNetSecurity” https://t.co/7wbzDzV3rR https://htn.to/41NtvtnsZd | igaos |
2020-02-26 02:10:04 | Apache Tomcat の脆弱性 (CVE-2020-1938) に関する注意喚起 https://t.co/7KJQJBVJwz http://www.jpcert.or.jp/at/2020/at200009.html | spread_jp |
2020-02-26 01:50:07 | New Security Alert Regarding Vulnerability (CVE-2020-1938) in Apache Tomcat ^TN https://t.co/XMDjvKH9cR https://www.jpcert.or.jp/english/at/2020/at200009.html | jpcert_en |
2020-02-26 01:50:05 | 「Apache Tomcat」に複数の脆弱性、CVE-2020-1938には注意喚起も(JVN) | ScanNetSecurity https://t.co/piE4WJPXjq https://scan.netsecurity.ne.jp/article/2020/02/26/43734.html | ohhara_shiojiri |
2020-02-26 01:50:03 | 「Apache Tomcat」に複数の脆弱性、CVE-2020-1938には注意喚起も(JVN) https://t.co/zaQJ32LVfY https://scan.netsecurity.ne.jp/article/2020/02/26/43734.html | spread_jp |
2020-02-26 00:30:07 | 「Apache Tomcat」に複数の脆弱性、CVE-2020-1938には注意喚起も(JVN) - https://t.co/0SwNb6EDJp https://scan.netsecurity.ne.jp/article/2020/02/26/43734.html | ka0com |
2020-02-26 00:10:06 | 「Apache Tomcat」に複数の脆弱性、CVE-2020-1938には注意喚起も(JVN) | ScanNetSecurity https://t.co/L3T4NY662w https://s.netsecurity.ne.jp/article/2020/02/26/43734.html | Type76 |
2020-02-25 23:50:08 | 「Apache Tomcat」に複数の脆弱性、CVE-2020-1938には注意喚起も(JVN) https://t.co/RlpuURnUER https://ift.tt/382F3eO | itsecalert |
2020-02-25 23:50:06 | 「Apache Tomcat」に複数の脆弱性、CVE-2020-1938には注意喚起も(JVN) https://t.co/3oyX7zpdyX http://bit.ly/3aaVCqB | prad3ekt |
2020-02-25 23:30:05 | 「Apache Tomcat」に複数の脆弱性、CVE-2020-1938には注意喚起も(JVN) https://t.co/ur1KjF6V8M https://t.co/IUG48SJaX1 http://dlvr.it/RQlJmx | TokyoSec |
2020-02-25 23:30:04 | 「Apache Tomcat」に複数の脆弱性、CVE-2020-1938には注意喚起も(JVN) https://t.co/SBo9xT3Z6I https://scan.netsecurity.ne.jp/article/2020/02/26/43734.html | ScanNetSecurity |
2020-02-25 21:10:41 | Apache Tomcat AJP File Inclusion (CVE-2020-1938): A file inclusion vulnerability exists in Apache Tomcat AJP… https://t.co/dqxjYfNBLp https://goo.gl/fb/kZzfU1 | threatmeter |
2020-02-25 19:20:03 | Hey all, make sure you update Apache Tomcat. CVE-2020-1938: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulne… https://t.co/k6917dngGz https://twitter.com/i/web/status/1232384133097283586 | koburgee |
2020-02-25 18:00:09 | CVE-2020-1938 : Apaceh Tomcat AJP Protocoal Vulnerability (a.k.a Ghostcat) A high-risk file read via AJP vulnerab… https://t.co/2ZjgFLPiRc https://twitter.com/i/web/status/1232362492367720450 | Anastasis_King |
2020-02-25 15:40:05 | CVE-2020-1938: Ghostcat – Apache Tomcat AJP File Read/Inclusion Vulnerability: https://t.co/AJu41iHzbh https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487 | HackerNews_Inc |
2020-02-25 12:30:03 | CVE-2020-1938。銀行/カード会社等の認証情報ファイル(免許証画像とか)飛ばす通信fiddler仕掛けてport確認→叩いてテスト…の流れで良いのかな?直受け構成なんて無いと思うけど。 99%無影響か | windows_update |
2020-02-25 11:50:14 | Tomcatの脆弱性(CVE-2020-1938)、ダイレクトに8009/tcpが空いてなければ大丈夫ぽい? https://t.co/ooA3HBgy9v https://www.ipa.go.jp/security/ciadr/vul/alert20200225.html | isami_ke |
2020-02-25 11:20:07 | AJP(慣習的には8009/tcp)を外に晒してなければ関係ない模様 → Apache Tomcat の脆弱性 (CVE-2020-1938) に関する注意喚起 https://t.co/JsQ1kgS8hx http://www.jpcert.or.jp/at/2020/at200009.html | shimariso |
2020-02-25 11:20:05 | Tomcatの脆弱性 CVE-2020-1938、これふつうの構成で AJP を untrust なネットワークにさらさないと思う。 脆弱性と言われるとちょっと違和感がある。 本家の案内はここね… https://t.co/bEGmlhyJcj https://twitter.com/i/web/status/1232263491555250176 | nfujita55a |
2020-02-25 10:30:05 | Apache Tomcat における脆弱性(CVE-2020-1938)について https://t.co/W6T4b6OHTf https://www.ipa.go.jp/security/ciadr/vul/alert20200225.html | salad_chocola |
2020-02-25 08:40:03 | Like 👍: "Apache Tomcat における脆弱性(CVE-2020-1938)について" #java #techfeed https://t.co/aVgh1aeXhx https://beta.techfeed.io/entries/5e54c5089586dea5249dfb4b#commentId=5e54dc876c3c4a0147cc1d91 | revsystem |
2020-02-25 08:40:03 | Apache Tomcat の脆弱性 (CVE-2020-1938) に関する注意喚起 https://t.co/5BzuGtqAEu @jpcert http://www.jpcert.or.jp/at/2020/at200009.html | test_user_css |
2020-02-25 08:31:17 | 「脆弱性(CVE-2020-1938) では、Apache JServ Protocol (AJP) における Attributeの取り扱いに問題があり、悪用された場合、遠隔の第三者が AJP を介し、情報を窃取するなどの可能性が… https://t.co/kGK9lHxbAR https://twitter.com/i/web/status/1232219858869211136 | nilab |
2020-02-25 08:30:03 | 注意喚起: Apache Tomcat の脆弱性 (CVE-2020-1938) に関する注意喚起 (公開) - https://t.co/gx4XPXE6SW https://www.jpcert.or.jp/at/2020/at200009.html | ka0com |
2020-02-25 08:20:04 | CVE-2020-1938 When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to… https://t.co/Q1zzkee39i https://twitter.com/i/web/status/1232218495108157440 | eyeTSystems |
2020-02-25 08:01:57 | ICATalerts: Apache Tomcat における脆弱性(CVE-2020-1938)について https://t.co/gb2lXqV6VW https://t.co/mmLcYfbBBm #itsec_jp http://dlvr.it/RQhWr6 https://twitter.com/ICATalerts/status/1232197545624866817 | itsec_jp |
2020-02-25 07:40:06 | CVE-2020-1938: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (CNVD-2020-10487) https://t.co/1nW3Ljd0KU https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487 | r00tpgp |
2020-02-25 07:00:15 | IPA 重要 | Apache Tomcat における脆弱性(CVE-2020-1938)について https://t.co/wHXOfiJTFt #itsec_jp https://ift.tt/2HP9niv | itsec_jp |
2020-02-25 07:00:15 | Apache Tomcat における脆弱性(CVE-2020-1938)について https://t.co/irqMmrgLYT #IPA #情報セキュリティ https://ift.tt/2HP9niv | ashitaplanningk |
2020-02-25 07:00:04 | Apache Tomcat における脆弱性(CVE-2020-1938)について https://t.co/JabhhvLyXk http://dlvr.it/RQhWr6 | ICATalerts |
2020-02-25 06:50:04 | Apache Tomcat の脆弱性 (CVE-2020-1938) に関する注意喚起 https://t.co/yhzBsvye5M ”脆弱性(CVE-2020-1938) では、Apache JServ Protocol (A… https://t.co/Gt0cVPxU5C https://www.jpcert.or.jp/at/2020/at200009.html https://twitter.com/i/web/status/1232194576175095809 | catnap707 |
2020-02-25 06:50:03 | Apache Tomcat における脆弱性(CVE-2020-1938)についてhttps://t.co/kUWsgvtKf5 https://ift.tt/2HP9niv | gesuno_jp |
2020-02-25 06:50:03 | Apache Tomcat における脆弱性(CVE-2020-1938)について https://t.co/Bktt1i6BZK https://ift.tt/2HP9niv | jexens |
2020-02-25 06:40:04 | Apache Tomcat における脆弱性(CVE-2020-1938)について https://t.co/ULvBOPiYuq https://ift.tt/2HP9niv | itsecalert |
2020-02-25 06:40:03 | Apache Tomcat の脆弱性 (CVE-2020-1938) に関する注意喚起 https://t.co/KHxaWmolc9 @jpcert http://www.jpcert.or.jp/at/2020/at200009.html | Pyo0072 |
2020-02-25 06:30:03 | Apache Tomcat における脆弱性(CVE-2020-1938)について:IPA 独立行政法人 情報処理推進機構 https://t.co/5JmDMxHK6Q https://www.ipa.go.jp/security/ciadr/vul/alert20200225.html | spread_jp |
2020-02-25 06:20:05 | Apache Tomcat における脆弱性(CVE-2020-1938)について - IPA [https://t.co/QAtrO5Wfxm] https://t.co/r3TSKfSjfq http://securenews.appsight.net/entries/10985 https://www.ipa.go.jp/security/ciadr/vul/alert20200225.html | securenews_web |
2020-02-25 06:20:03 | CVE-2020-1938に関しては、「Ghostcat」という名称が付けられた様です。 #sios_tech #security #vulnerability #oss #linux #apache #tomcat https://t.co/qKga5oqYX6 https://security.sios.com/vulnerability/tomcat-security-vulnerability-20200225.html | omokazuki |
2020-02-25 06:10:06 | Apache Tomcat における脆弱性(CVE-2020-1938)について https://t.co/79Q7JBHy6q https://www.ipa.go.jp/security/ciadr/vul/alert20200225.html | Panda_Lv0 |
2020-02-25 06:10:04 | secretRequired="false"にしてもCVE-2020-1938のPoCは防げた。 | ttm_ben |
2020-02-25 05:50:04 | 注意喚起: Apache Tomcat の脆弱性 (CVE-2020-1938) に関する注意喚起 (公開) https://t.co/k5F78d0iCv :情報処理安全確保支援士NEWS http://dlvr.it/RQhP5R | kai_ri_0001 |
2020-02-25 05:20:07 | Apache Tomcat の脆弱性 (CVE-2020-1938) に関する注意喚起 https://t.co/Df1FdyQZW1 https://www.jpcert.or.jp/at/2020/at200009.html | ohhara_shiojiri |
2020-02-25 04:51:56 | Bug 1806398 (CVE-2020-1938) - CVE-2020-1938 tomcat: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability… https://t.co/Fwt7Eup2vU https://twitter.com/i/web/status/1231913742843236352 | _CYOPS |
2020-02-25 04:50:09 | 注意喚起: Apache Tomcat の脆弱性 (CVE-2020-1938) に関する注意喚起 (公開) - JPCERT/CC注意喚起 [https://t.co/lQuzZnOESE] https://t.co/bEtUKEV4Te http://securenews.appsight.net/entries/10984 https://www.jpcert.or.jp/at/2020/at200009.html | securenews_web |
2020-02-25 04:50:06 | 統合版 JPCERT/CC | 注意喚起: Apache Tomcat の脆弱性 (CVE-2020-1938) に関する注意喚起 (公開) https://t.co/r7fvq9SxXr #itsec_jp https://ift.tt/2SYueq2 | itsec_jp |
2020-02-25 04:50:06 | Apache Tomcat の脆弱性 (CVE-2020-1938) に関する注意喚起を公開。遠隔の第三者がAJPを介し情報を窃取する等の可能性があります。Apache Software Foundationが提供する修正済みバー… https://t.co/DmAZENtX7S https://twitter.com/i/web/status/1232164126421475333 | jpcert |
2020-02-25 04:40:04 | 注意喚起: Apache Tomcat の脆弱性 (CVE-2020-1938) に関する注意喚起 (公開) https://t.co/3u2dm20SgR https://www.jpcert.or.jp/at/2020/at200009.html | Panda_Lv0 |
2020-02-25 02:50:04 | Apache Tomcatの複数の脆弱性情報(High: CVE-2020-1938, Low: CVE-2020-1935, CVE-2019-17569)と新バージョン(9.0.31/8.5.51/7.0.100) - OSS… https://t.co/2s4nGb3f3Q https://twitter.com/i/web/status/1232134569165352960 | ohhara_shiojiri |
2020-02-25 02:00:03 | #Apatche #Tomcat 8.5.51 でfixされたのは、CVE-2020-1938 に加えてもう一つ。 CVE-2020-1935 も。今日 Tomcat からアナウンスがありました。 #脆弱性 | ottoto2017 |
2020-02-25 01:10:07 | Tomcat - CVE-2020-1938: https://t.co/wm91ahr4Bv https://lists.apache.org/thread.html/r7c6f492fbd39af34a68681dbbba0468490ff1a97a1bd79c6a53610ef%40%3Cannounce.tomcat.apache.org%3E | LinInfoSec |
2020-02-25 00:20:03 | Vulnerabilidad día cero permite ejecución remota de código en Apache Tomcat APJ CNVD-2020-10487/CVE-2020-1938… https://t.co/WdGNgHTOQ0 https://twitter.com/i/web/status/1232097384290758656 | Meyaj_TI |
2020-02-25 00:00:03 | CVE-2020-1938 https://t.co/mqiQwzLIcF #TribeSecure #CyberAwareness https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-1938&utm_source=dlvr.it&utm_medium=twitter | Tribe_Secure |
2020-02-24 22:50:05 | CVE-2020-1938 When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to… https://t.co/2Md1d7zX2v https://twitter.com/i/web/status/1232074012651638784 | CVEnew |
2020-02-24 22:30:03 | SIOSセキュリティブログを更新しました。 Apache Tomcatの複数の脆弱性情報(High: CVE-2020-1938, Low: CVE-2020-1935, CVE-2019-17569)と新バージョン(9.0.3… https://t.co/GqvREdeIkb https://twitter.com/i/web/status/1232070050598674432 | omokazuki |
2020-02-24 20:30:03 | CVE-2020-1938: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (CNVD-2020-10487) https://t.co/IYEigFdec3 http://ow.ly/l0vg102aPdA | dansantanna |
2020-02-24 20:30:03 | CVE-2020-1938: Ghostcat – Apache Tomcat AJP File Read/Inclusion Vulnerability: https://t.co/AJu41ipYjJ https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487 | HackerNews_Inc |
2020-02-24 17:50:07 | CVE-2020-1938: Ghostcat vulnerability https://t.co/Y05pPARlkC http://dlvr.it/RQftjF | nichii_a |
2020-02-24 15:50:11 | CVE-2020-1938: Ghostcat : Time to drop the AJP protocol in Tomcat? AJP is a more than 20 years old protocol and wa… https://t.co/Yj917P7zqJ https://twitter.com/i/web/status/1231966032786546690 | jfclere |
2020-02-24 14:10:04 | CVE-2020-1938: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (CNVD-2020-10487) https://t.co/Km86rR2OBL http://ow.ly/7Dxi102aNkN | BullStallcup |
2020-02-24 13:33:08 | CVE-2020-1938: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (CNVD-2020-10487) - Blog | Tenable® https://t.co/q5qBLk3E7q https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487 | n0ipr0cs |
2020-02-24 10:30:03 | Apache Tomcat CVE-2020-1938 Arbitrary File Inclusion Vulnerability https://t.co/dD0pNDVeRQ https://ift.tt/2T7GUcQ | c_raulston |
2020-02-24 05:31:32 | TomcatのLFIの脆弱性(CVE-2020-1938)を検証。 通常AJPサービスは外部に公開しないが、公開されているとアプリのドキュメントルート配下の任意のファイルにアクセスできる。 アプリにファイルアップロードなどの機能が… https://t.co/H5v02v7csF https://twitter.com/i/web/status/1231811343440723969 | piedpiper1616 |
2020-02-24 03:00:04 | ApacheとTomcat連携したときに流れるajpはこちらです。Apache経由ではCVE-2020-1938 のPOCのような動作にならない。 https://t.co/e2nQiT1cLb | doragonstar4 |
2020-02-24 02:50:02 | CVE-2020-1938 のPOCで流れるajp プロトコルの中身。 https://t.co/2KJVHlVfXl | doragonstar4 |
2020-02-24 01:30:18 | CVE-2020-1938: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (CNVD-2020-10487) https://t.co/MxYeVfxRLS https://buff.ly/37VXfqq | pcastagnaro |
2020-02-24 00:31:31 | Zero-day vulnerability allows remote code execution in Apache Tomcat APJ CNVD-2020-10487/CVE-2020-1938 #apac... https://t.co/t7PPEZs1zC https://hacknews247.com/uncategorized/20200221/zero-day-vulnerability-allows-remote-code-execution-in-apache-tomcat-apj-cnvd-2020-10487-cve-2020-1938.html?feed_id=15723 | HackNewsCo |
2020-02-23 17:00:05 | [CVE-2020-1938] Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability An attacker could exploit this LFI… https://t.co/bGaeJpghq1 https://twitter.com/i/web/status/1231623289350606849 | Anastasis_King |
2020-02-23 14:20:06 | Vulnerabilidad día cero permite ejecución remota de código en Apache Tomcat APJ CNVD-2020-10487/CVE-2020-1938,… https://t.co/d1yFfyjacu https://twitter.com/i/web/status/1231581987963645952 | grevelo1 |
2020-02-23 09:30:32 | CVE-2020-1938: Ghostcat – Apache Tomcat AJP File Read/Inclusion Vulnerability: https://t.co/AJu41ipYjJ https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487 | HackerNews_Inc |
2020-02-23 08:31:45 | 7 questions pour comprendre la dernière vulnérabilité affectant Tomcat (CVE-2020-1938): https://t.co/oWkX8HIBXM //… https://t.co/BKqRSmPGwi http://bit.ly/2uX3SeU https://twitter.com/i/web/status/1231132092156825605 | veilleAppSec |
2020-02-23 07:20:06 | CVE-2020-1938 - AJP RCE https://t.co/I2NlOwsNn2 https://t.co/tIBWDKihMs http://newsbythehour.org/cybr http://bit.ly/38LuGgA | everythingcybr |
2020-02-23 03:30:04 | CVE-2020-1938: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (CNVD-2020-10487) https://t.co/Lu7rEqkB1m @tenablesecurity http://tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487 | jimdolinski |
2020-02-23 02:20:03 | CVE-2020-1938: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (CNVD-2020-10487) - https://t.co/tO0HcTulrT https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487 | ka0com |
2020-02-22 13:20:04 | Vulnerabilidad día cero permite ejecución remota de código en Apache Tomcat APJ CNVD-2020-10487/CVE-2020-1938 https://t.co/kmaJh7ybsE https://noticiasseguridad.com/vulnerabilidades/vulnerabilidad-dia-cero-permite-ejecucion-remota-de-codigo-en-apache-tomcat-apj-cnvd-2020-10487-cve-2020-1938/ | jorge_ona |
2020-02-22 13:10:04 | CNVD-2020-10487-Tomcat-Ajp-lfi-Scanner: CNVD-2020-10487/CVE-2020-1938,批量扫描工具 https://t.co/jlzQqrrk7r #Python https://github.com/Kit4y/CNVD-2020-10487-Tomcat-Ajp-lfi-Scanner | JekiCode |
2020-02-22 10:40:04 | CVE-2020-1938: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (CNVD-2020-10487) https://t.co/1RkryKC4Xd @tenablesecurity http://tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487 | Chrono_Net |
2020-02-22 09:00:03 | CNVD-2020-10487-Tomcat-Ajp-lfi-Scanner - CNVD-2020-10487/CVE-2020-1938,批量扫描工具 https://t.co/kxXwWWsql9 http://github.com/Kit4y/CNVD-2020-10487-Tomcat-Ajp-lfi-Scanner | pythontrending |
2020-02-22 08:30:03 | Ghostcat - Apache Tomcat にファイル読み取りとRCEの脆弱性 | CVE-2020-1938: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulner… https://t.co/y7Q84PQrJR https://twitter.com/i/web/status/1231133192888827905 | muumuubokujo |
2020-02-22 08:10:05 | Vulnerabilidad día cero permite ejecución remota de código en Apache Tomcat APJ CNVD-2020-10487/CVE-2020-1938 https://t.co/kOiW5vWHrN https://ift.tt/2VbLPfF | edcamposj |
2020-02-22 07:30:05 | #Apache Tomcat CVE-2020-1938 – Remote Code Execution https://t.co/AX8N7M4zZe #0day #Zeroday #Exploit #Exploits #Security https://0day.life/exploit/0day-2349.html | 0dayDB |
2020-02-22 06:00:02 | CVE-2020-1938: CVE-2020-1938 https://t.co/wuu8iAsfuD https://github.com/0nise/CVE-2020-1938 | JekiCode |
2020-02-22 02:50:04 | https://t.co/eaD2tfxKe9 CVE-2020-1938: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (CNVD-2020-10… https://t.co/EnfljSvRhD https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487 https://twitter.com/i/web/status/1231045970483458048 | netsecu |
2020-02-21 22:50:04 | Vulnerabilidad día cero permite ejecución remota de código en Apache Tomcat APJ CNVD-2020-10487/CVE-2020-1938… https://t.co/kwukOdgQPF https://twitter.com/i/web/status/1230986194382553088 | forenseTIC |
2020-02-21 20:10:11 | Re: Patches for the @TheApacheTomcat AJP LFI/RCE vulnerability (CVE-2020-1938): while the release notes at don't me… https://t.co/e4wrMi7SOJ https://twitter.com/i/web/status/1230945889981734912 | nightwatchcyber |
2020-02-21 17:40:03 | Tomcat の脆弱性 (CVE-2020-1938 / CNVD-2020-10487) は基本的には LFI ですが、場合によっては RCE です。ajp13 はテキストファイルをJSPとして解釈できます。例えばログをWEBR… https://t.co/DJXYvpj7kK https://twitter.com/i/web/status/1230908437149564928 | shutingrz |
2020-02-21 17:31:51 | Tomcat vulnerability (CVE-2020-1938 / CNVD-2020-10487) is basically LFI, but in some cases, RCE. ajp13 can interpre… https://t.co/8gSZvELG0H https://twitter.com/i/web/status/1230905673820430336 | shutingrz |
2020-02-21 17:31:50 | Zero-day vulnerability allows remote code execution in Apache Tomcat APJ CNVD-2020-10487/CVE-2020-1938 https://t.co/cCkxCbl7XI https://ift.tt/37OWj7k | AlexaGm33043450 |
2020-02-21 17:31:50 | CVE-2020-1938: Apache Tomcat AJP Connector Remote Code Execution Vulnerability Alert: Apache Tomcat is an open-sour… https://t.co/SFNU4X6Fap https://twitter.com/i/web/status/1230906296615833600 | morodog |
2020-02-21 17:31:49 | Tomcat の脆弱性 (CVE-2020-1938 / CNVD-2020-10487) は基本的には LFI ですが、場合によっては RCE です。ajp13 はテキストファイルをJSPとして解釈できます。例えばログを公開ディ… https://t.co/DM38K1V69Q https://twitter.com/i/web/status/1230907384102408192 | shutingrz |
2020-02-21 16:50:09 | just for clarify: CVE-2020-1938 is NOT a default Remote Code Execution vul. It is a LFI. So, IF you can: 1) upload… https://t.co/netINthi56 https://twitter.com/i/web/status/1230895566688792576 | joaomatosf |
2020-02-21 15:50:10 | Remote code execution in Apache Tomcat AJP connector CVE-2020-1938 #Zanket #CVE #Tomcat #Apache #vulnerability #CyberSecurity | Zanket_com |
2020-02-21 15:40:04 | CVE-2020-1938 : Apache Tomcat AJP Remote Code Execution Vulnerability (CNVD-2020-10487) https://t.co/sJS4CcwjAQ https://t.co/LqtRB3CjkO https://www.anquanke.com/post/id/199448 | cyber_advising |
2020-02-21 15:40:04 | Scanner for Apache Tomcat LFI vuln CVE-2020-1938 https://t.co/4zOGyzikAQ #DFIR https://github.com/Kit4y/CNVD-2020-10487-Tomcat-Ajp-lfi-Scanner/blob/master/README.md | r3c0nst |
2020-02-21 15:40:03 | CVE-2020-1938: Apache Tomcat AJP Connector Remote Code Execution Vulnerability Alert https://t.co/E8wWodpuVY https://haxf4rall.com/2020/02/21/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/ | haxf4rall |
2020-02-21 15:10:04 | Has anyone found a generic RCE exploitation technique for CVE-2020-1938 yet? Inclusion happens within the web root,… https://t.co/Y65I1ZNohk https://twitter.com/i/web/status/1230871514343518208 | steventseeley |
2020-02-21 15:10:03 | 7 questions pour comprendre la dernière vulnérabilité affectant Tomcat (CVE-2020-1938) 👉 https://t.co/iQGNIO22p2 #AJP #RCE https://blog.xmco.fr/7-questions-pour-comprendre-la-derniere-vulnerabilite-affectant-tomcat-cve-2020-1938/ | CERTXMCO |
2020-02-21 14:50:05 | CVE-2020-1938: Apache Tomcat AJP Connector Remote Code Execution Vulnerability Alert • InfoTech News… https://t.co/aWNUCVeZZM https://twitter.com/i/web/status/1230865901685215235 | nichii_a |
2020-02-21 14:50:05 | CVE-2020-1938 - AJP RCE https://t.co/hJtVbE34ET #appsec #security #secops https://ift.tt/2T9CTVw | rtcz_io |
2020-02-21 14:10:04 | TomcatのCVE-2020-1938は主にファイルの取得やアクセスで、任意のコード実行(RCE)についてはjspファイルをアップロードでき場合に行われるという感じなのかな? | enigma63 |
2020-02-21 14:10:03 | CVE-2020-1938は、6系含めたTomcatの最新バージョン以外に該当することは確認した。 | enigma63 |
2020-02-21 14:03:01 | CVE-2020-1938 – AJP RCE https://t.co/Ov4DMTURQw http://hrbt.us/191628 | hardreboot |
2020-02-21 13:00:05 | New post: "CVE-2020-1938 - AJP RCE" https://t.co/vLPLTkoZaQ https://ift.tt/38LuG04 | Myinfosecfeed |
2020-02-21 13:00:04 | CVE-2020-1938 - AJP RCE https://t.co/kpXj74RVcx https://reddit.com/r/sysadmin/comments/f7algz/cve20201938_ajp_rce/ | _r_netsec |
2020-02-21 12:30:04 | Updates for our list of Juicy Vulns and Exploits: including now Tomcat AJP RCE / CVE-2020-1938… https://t.co/AvDA2Z409J https://twitter.com/i/web/status/1230829645014163457 | zero_B_S |
2020-02-21 12:10:04 | CVE-2020-1938: Apache Tomcat AJP Connector Remote Code Execution Vulnerability Alert https://t.co/AiR4mq27MV 年度末の忙しい時期にヤバいのが・・ https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/ | mark8823_wiz |
2020-02-21 10:40:04 | CVE-2020-1938: Apache Tomcat AJP Connector Remote Code Execution Vulnerability Alert https://t.co/B4kowzp3oP #info #news #tech https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/ | the_yellow_fall |
2020-02-21 09:00:04 | Support for CVE-2020-1938 / CNVD-2020-10487 exploitation was added to AJPy (https://t.co/DWnY3NUh75) by our Java wi… https://t.co/dabqdfExj3 https://github.com/hypn0s/AJPy https://twitter.com/i/web/status/1230778801036111872 | Synacktiv |
2020-02-21 07:20:05 | CVE-2020-1938 ApacheTomcatAJPに関する脆弱性。 AJP待受がデフォルトポートだと8009。変えてなければこのポート公開していなければ影響なしっぽさそうなのかな? https://t.co/6QXRSkPh9L https://copyfuture.com/blogs-details/202002211352244721unzt19g1ox3yxv | GenKa_232 |
2020-02-21 06:30:04 | TomcatのCVE-2020-1938、そもそも8009番ポートをインターネットに公開してる環境あまり無い気がするので、大した脆弱性じゃないような気がしますが、どうなんですかね… | kinyuka |
2020-02-21 06:20:03 | #tomcat #ajp13 CVE-2020-1938 https://t.co/GkKDU1QnAI | retan0j |
2020-02-21 06:00:04 | CVE-2020-1938のPoC多くて助かる https://t.co/Vtcsx0FPjZ | motikan2010 |
2020-02-21 05:40:04 | CVE-2020-1938,wow https://t.co/0GCT6ZTI7l | ice43396118 |
2020-02-21 04:50:04 | GitHub - nibiwodong/CNVD-2020-10487-Tomcat-ajp-POC: CNVD-2020-10487(CVE-2020-1938), tomcat ajp 文件读取漏洞poc - https://t.co/TuK9Rc85rG https://github.com/nibiwodong/CNVD-2020-10487-Tomcat-ajp-POC | piedpiper1616 |
2020-02-21 00:20:03 | I just updated https://t.co/mL4dgWYKJy in AJPy (https://t.co/SAUGgP7VGL) to exploit #CVE-2020-1938! It allows inclu… https://t.co/ptlCbkJ6Z9 http://tomcat.py https://github.com/hypn0s/AJPy https://twitter.com/i/web/status/1230647545258483718 | Julien_Legras |
2020-02-20 19:10:06 | CVE-2020-1938 PoC https://t.co/v36r6BZ6B7 | bugworld9 |
2020-02-20 19:00:06 | #CVE-2020-1938 Apache Tomcat from file reading to RCE involving AJP protocol https://t.co/EpYBJOYOdu | pyn3rd |
2020-02-20 19:00:05 | #CVE-2020-1938 Apache Tomcat from file reading to RCE involving AJP protocol https://t.co/MkEO4m1zII https://t.co/GebMqLv8MW https://mp.weixin.qq.com/s/M6CK9Bk7MJI2NSLEiVoBjQ | shimizukawasak |
2020-02-20 17:50:14 | Apache Tomcat Vuln might lead to RCE, CVE-2020-1938 (unreleased) Mitigation: Dont use AJP-Connector @binaryedgeio… https://t.co/OF1KpMVALv https://twitter.com/i/web/status/1230547908149334017 | zero_B_S |
2020-02-20 16:50:04 | #CVE-2020-1938 Apache Tomcat (not arbitrary) file reading involving AJP protocol https://t.co/tgSMCjhD4v | pyn3rd |
2020-02-20 15:20:03 | CVE-2020-1938 Java安全相关的漏洞和技术demo,其中包括原生Java、Fastjson、Jackson、Hessian2以及XML反序列化漏洞利用和Dubbo(Hessian2反序列化)、Shiro(Paddi… https://t.co/83MSIJnYvt https://twitter.com/i/web/status/1230511264679501827 | VulmonFeeds |
2020-02-20 13:50:04 | Apache Tomcat AJP Vulnerability (CNVD-2020-10487/CVE-2020-1938 ) .This vulnerability was discovered by a security… https://t.co/E6pqiXm8s3 https://twitter.com/i/web/status/1230489154468732928 | chybeta |
2020-02-20 13:20:03 | Apache Tomcat AJP RCE Vulnerability(CNVD-2020-10487/CVE-2020-1938 ) alert from CNCERT https://t.co/HuGAWxwQrZ CNCER… https://t.co/4Qzs0GdEk3 https://www.cnvd.org.cn/webinfo/show/5415 https://twitter.com/i/web/status/1230482203693350913 | 80vul |
2020-02-16 17:44:01 | CVE-2020-1938 is called Hapless Creodont https://t.co/k3v0JA7HCQ https://nvd.nist.gov/vuln/detail/CVE-2020-1938 | vulnonym |