vulnerability to a remote code execution exploit using the ysoserial tool in conjunction with the BeanShell1 gadget.

Document ID:7018388
Creation Date:13-Dec-2016
Modified Date:13-Dec-2016
- Micro Focus Products:
  Sentinel

Environment

NetIQ Sentinel versions 7.3.4, 7.4.3 & 8.0

Situation

Sentinel is vulnerable to a remote code execution exploit using the ysoserial tool in conjunction with the BeanShell1 gadget.

Resolution

Add following line to /etc/opt/novell/sentinel/config/deserialization-blacklist.conf

bsh.XThis

E.g. echo “bsh.XThis” >> /etc/opt/novell/sentinel/config/deserialization-blacklist.conf

restart the sentinel service

© Micro Focus. Please see Terms of Use applicable to this content.