Liferay Portal Apache Felix command injection
Added: 12/31/2014OSVDB: 116510
Background
Liferay Portal is an enterprise web platform for building business solutions. Apache Felix is an implementation of the OSGi Framework and Service platform.Problem
Liferay Portal is affected by a vulnerability which could allow remote attackers to execute arbitrary commands due to exposure of Apache Felix.Resolution
Upgrade to Liferay Portal 7.0.3.References
http://www.exploit-db.com/exploits/35652/Limitations
Exploit works on Windows 7.Platforms
WindowsBack to exploit index