You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@zookeeper.apache.org by Samy Ateia <sa...@hotmail.de> on 2015/12/15 11:39:42 UTC
Is zookeeper affected by this vulnerability?
http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/
I' checked all my running servers for the commons collection package and zookeeper seems to use it.
Is there any endpoint that deserializes objects and can be exploited by a man-in-the-middle attack between two servers or a client and a server?
best regards,
Samy