Stealing the Network

  • Home
  • Contact Me

jboss

Linux

Exploiting the OpenNMS/Jenkins RMI Java Deserialization Vulnerability

Even though this vulnerability was detected back in 2015 I am only starting to notice it popping up on engagements more frequently. CVE-2015-8103 – Jenkins CLI – RMI Java Deserialization allows remote attackers to execute arbitrary code via a crafted serialized Java object. Apparently, according to Foxglove security Jenkins and Read more…

By James Smith, 2 years2 years ago
Search
Be Notified

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 17 other subscribers.

Recent Posts
  • Efficient Time Based Blind SQL Injection using MySQL Bit Functions and Operators
  • Executing Metasploit & Empire Payloads from MS Office Document Properties (part 2 of 2)
  • Executing Metasploit & Empire Payloads from MS Office Document Properties (part 1 of 2)
  • Reporting SSL/TLS Issues the Easy Way with YANP
  • Quick Guide to Installing Bloodhound in Kali-Rolling
  • Contact Me
  • Cookie Policy
Hestia | Developed by ThemeIsle