
If you have not upgraded to LUNA then you should apply this patch.

We discovered a vulnerability that should be patched as soon as possible. This patch works for all LUNA 7 instances. 

A couple of reports have indicated that a server was used for crypto mining. Specifically, a program called xmrig was found running on these servers. The attackers seem to place a folder called c3pool in the user's home directory and run the program from that location. The user seems to need sudo privileges for this to work. A vulnerability in the Apache Shiro software framework was exploited to affect these servers. You only need to update the Apache Shiro jar files to block this vulnerability.

Step-by-step guide

  1. Delete the old shiro jars from the following locations: ~/LunaImaging/7.x/LUNA/tomcat/luna_apps/
  2. Add shiro-all-1.2.6.jar to each of the above lib folders.

     You can download the file here

     This direct link might work as well

  3. Restart LUNA's Tomcat
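
To confirm the steps above took effect, the following check is an added example, not part of the original guide or of LUNA's tooling. It lists Shiro jars other than shiro-all-1.2.6.jar that remain under a directory you pass in, and looks for the c3pool folder and xmrig process mentioned above. The script name, the /home default and the function names are assumptions.

```shell
#!/bin/sh
# Added example: post-patch check for the guide above. Not LUNA's own tooling.
# Usage (script name and paths are assumptions, adjust to your install):
#   sh check_shiro.sh ~/LunaImaging/7.x/LUNA/tomcat/luna_apps /home

PATCHED_JAR="shiro-all-1.2.6.jar"   # jar name from step 2

# Shiro jars under $1 other than the patched one; step 1 should leave none.
stale_shiro_jars() {
    find "$1" -type f -name 'shiro*.jar' ! -name "$PATCHED_JAR" 2>/dev/null | sort
}

# Folders under $1 that now hold the patched jar; compare with your lib folders.
patched_jar_dirs() {
    find "$1" -type f -name "$PATCHED_JAR" 2>/dev/null | sort |
    while IFS= read -r jar; do dirname "$jar"; done
}

# c3pool folders sitting directly inside any home directory under $1.
miner_dirs() {
    for d in "$1"/*/c3pool; do
        [ -d "$d" ] && printf '%s\n' "$d"
    done
    return 0
}

# Run every check; returns 1 if anything needs attention.
audit() {
    apps=$1; homes=${2:-/home}; rc=0
    stale=$(stale_shiro_jars "$apps")
    [ -z "$stale" ] || { printf 'Old Shiro jars still present:\n%s\n' "$stale"; rc=1; }
    patched=$(patched_jar_dirs "$apps")
    [ -n "$patched" ] || { echo "No $PATCHED_JAR found under $apps"; rc=1; }
    miners=$(miner_dirs "$homes")
    [ -z "$miners" ] || { printf 'c3pool folders found:\n%s\n' "$miners"; rc=1; }
    # pgrep -x matches the exact process name reported on affected servers.
    if pgrep -x xmrig >/dev/null 2>&1; then echo "xmrig is running"; rc=1; fi
    return "$rc"
}

if [ "$#" -gt 0 ]; then audit "$@"; fi
```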