CVE-2020-27223 PoC — Eclipse Jetty 资源管理错误漏洞

Source

https://github.com/ttestoo/Jetty-CVE-2020-27223

Associated Vulnerability

Title:Eclipse Jetty 资源管理错误漏洞 (CVE-2020-27223)
Description:Eclipse Jetty是Eclipse基金会的一个开源的、基于Java的Web服务器和Java Servlet容器。 Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 存在资源管理错误漏洞，该漏洞源于处理这些质量值的CPU使用率过高，服务器可能会进入拒绝服务（DoS）状态，

Readme

# Jetty-CVE-2020-27223

File Snapshot


 [4.0K]  /data/pocs/80f43b9af04dc8b492105e44299c0b9e0dfa03a3
├── [4.0K]  payload
│   └── [ 24K]  poc.txt
├── [2.3K]  pom.xml
├── [  23]  README.md
└── [4.0K]  src
    └── [4.0K]  main
        ├── [4.0K]  java
        │   └── [4.0K]  com
        │       └── [4.0K]  ttestoo
        │           └── [4.0K]  jetty
        │               ├── [ 310]  Application.java
        │               └── [4.0K]  controller
        │                   └── [ 485]  HelloController.java
        └── [4.0K]  resources
            └── [ 103]  application.properties

9 directories, 6 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!