CVE-2008-3519 - Configuration vulnerability in Red Hat JBoss Enterprise Application Platform 4.2/4.3

CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
Tags: network, redhat, CWE-16, nessus

Summary

The default configuration of the JBossAs component in Red Hat JBoss Enterprise Application Platform (aka JBossEAP or EAP), possibly 4.2 before CP04 and 4.3 before CP02, when the production configuration is enabled, sets the DownloadServerClasses property to true, which allows remote attackers to obtain sensitive information (non-EJB classes) via a download request. This is a different vulnerability than CVE-2008-3273. The property governs the class-loading web service that hands Java classes to RMI clients: with it set to true, any class reachable from the server classpath, not only the EJB interfaces and stubs a client legitimately needs, can be fetched over HTTP by anyone who can reach that service, exposing application code and whatever it embeds. The production profile is meant to ship with the property set to false; the CP04 / CP02 updates correct the default, and on existing installations the value should be verified rather than assumed.
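The following is an added example, not code from the page, Red Hat or the JBoss project. It audits a jboss-service.xml fragment for the weak setting described above, rewrites it to the hardened value, and classifies a captured HTTP response from the class-download port as "served a class file" or not. Assumptions: the MBean code `org.jboss.web.WebService` and MBean name `jboss:service=WebService` follow the stock JBoss AS 4.x `conf/jboss-service.xml` layout; the URL layout `/<package path>/<Class>.class` on the WebService port is assumed; the sample configuration and HTTP responses are constructed here, not captured from a real system. Verify the MBean name and port against your own deployment before relying on the checks.

```python
"""Audit / harden the JBoss AS 4.x DownloadServerClasses setting (CVE-2008-3519).

Added example; not from the JBoss project, Red Hat or the original page.
Assumption: MBean code/name and attribute names follow the stock JBoss AS 4.x
conf/jboss-service.xml. The sample config and responses below are constructed.
"""
import xml.etree.ElementTree as ET

WEBSERVICE_CODE = "org.jboss.web.WebService"   # assumed stock MBean code
CLASS_MAGIC = b"\xca\xfe\xba\xbe"                # Java class file signature

# Constructed 'production' profile fragment carrying the weak default.
WEAK_CONFIG = """<server>
  <mbean code="org.jboss.web.WebService" name="jboss:service=WebService">
    <attribute name="Port">8083</attribute>
    <attribute name="Host">${jboss.bind.address}</attribute>
    <attribute name="DownloadServerClasses">true</attribute>
    <attribute name="DownloadResources">false</attribute>
  </mbean>
</server>
"""


def find_web_service(root):
    """Locate the class-download WebService MBean, or None if absent."""
    for mbean in root.iter("mbean"):
        if mbean.get("code") == WEBSERVICE_CODE:
            return mbean
    return None


def audit(xml_text, profile="production"):
    """Report whether the config exposes server classes for download.

    Only the production profile is expected to have the download disabled;
    development profiles legitimately keep it on, so the profile name matters.
    """
    mbean = find_web_service(ET.fromstring(xml_text))
    if mbean is None:
        return {"present": False, "vulnerable": False, "attributes": {}, "port": None}
    attrs = {a.get("name"): (a.text or "").strip() for a in mbean.findall("attribute")}
    download = attrs.get("DownloadServerClasses", "").lower() == "true"
    return {
        "present": True,
        "attributes": attrs,
        "vulnerable": download and profile == "production",
        "port": int(attrs.get("Port", "8083")),
    }


def harden(xml_text):
    """Return the config with DownloadServerClasses forced to false (added if missing)."""
    root = ET.fromstring(xml_text)
    mbean = find_web_service(root)
    if mbean is not None:
        targets = [a for a in mbean.findall("attribute")
                   if a.get("name") == "DownloadServerClasses"]
        if not targets:
            targets = [ET.SubElement(mbean, "attribute", name="DownloadServerClasses")]
        for attr in targets:
            attr.text = "false"
    return ET.tostring(root, encoding="unicode")


def class_request(class_name, host="127.0.0.1"):
    """Build the raw GET for a class on the WebService port (URL layout assumed)."""
    path = "/" + class_name.replace(".", "/") + ".class"
    return f"GET {path} HTTP/1.0\r\nHost: {host}\r\n\r\n".encode()


def served_class(http_response: bytes) -> bool:
    """True when a 200 response carries a Java class file (starts with CAFEBABE)."""
    head, sep, body = http_response.partition(b"\r\n\r\n")
    if not sep:
        return False
    status = head.split(b" ", 2)
    return len(status) >= 2 and status[1] == b"200" and body.startswith(CLASS_MAGIC)


if __name__ == "__main__":
    print(audit(WEAK_CONFIG))                       # vulnerable: True
    print(audit(harden(WEAK_CONFIG)))               # vulnerable: False
    print(class_request("org.jboss.web.WebService"))
```

Run the audit against the `conf/jboss-service.xml` of every server profile you deploy, not only the one named "production", and pair it with the response check: a server that answers a class request with 200 and a CAFEBABE body is exposing classes regardless of what the file on disk says, which catches a configuration overridden at runtime.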

Common Weakness Enumeration (CWE)

CWE-16: Configuration
Nessus

  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2008-0832.NASL
    description: Updated JBoss Enterprise Application Platform (JBEAP) 4.3 packages that fix various security issues are now available for Red Hat Enterprise Linux 5 as JBEAP 4.3.0.CP02. This update has been rated as having low security impact by the Red Hat Security Response Team. JBoss Enterprise Application Platform is the market leading platform for innovative and scalable Java applications; integrating the JBoss Application Server, with JBoss Hibernate and JBoss Seam into a complete, simple enterprise solution. This release of JBEAP for Red Hat Enterprise Linux 5 serves as a replacement to JBEAP 4.3.0.CP01. These updated packages include bug fixes and enhancements which are detailed in the release notes. The link to the release notes is available below in the References section. The following security issues are also fixed with this release: The default security policy in the JULI logging component did not restrict access permissions to files. This could be misused by untrusted web applications to access and write arbitrary files in the context of the tomcat process. (CVE-2007-5342) The property that controls the download of server classes was set to
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 63865
    published: 2013-01-24
    reporter: This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/63865
    title: RHEL 5 : JBoss EAP (RHSA-2008:0832)
  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2008-0831.NASL
    description: Updated JBoss Enterprise Application Platform (JBEAP) 4.3 packages that fix various security issues are now available for Red Hat Enterprise Linux 4 as JBEAP 4.3.0.CP02. This update has been rated as having low security impact by the Red Hat Security Response Team. JBoss Enterprise Application Platform is the market leading platform for innovative and scalable Java applications; integrating the JBoss Application Server, with JBoss Hibernate and JBoss Seam into a complete, simple enterprise solution. This release of JBEAP for Red Hat Enterprise Linux 4 serves as a replacement to JBEAP 4.3.0.CP01. These updated packages include bug fixes and enhancements which are detailed in the release notes. The link to the release notes is available below in the References section. The following security issues are also fixed with this release: The default security policy in the JULI logging component did not restrict access permissions to files. This could be misused by untrusted web applications to access and write arbitrary files in the context of the tomcat process. (CVE-2007-5342) The property that controls the download of server classes was set to
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 63864
    published: 2013-01-24
    reporter: This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/63864
    title: RHEL 4 : JBoss EAP (RHSA-2008:0831)
  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2008-0834.NASL
    description: Updated JBoss Enterprise Application Platform (JBEAP) 4.2 packages that fix various security issues are now available for Red Hat Enterprise Linux 5 as JBEAP 4.2.0.CP04. This update has been rated as having low security impact by the Red Hat Security Response Team. JBoss Enterprise Application Platform is the market leading platform for innovative and scalable Java applications; integrating the JBoss Application Server, with JBoss Hibernate and JBoss Seam into a complete, simple enterprise solution. This release of JBEAP for Red Hat Enterprise Linux 5 serves as a replacement to JBEAP 4.2.0.CP03. These updated packages include bug fixes and enhancements which are detailed in the release notes. The link to the release notes is available below in the References section. The following security issues are also fixed with this release: The default security policy in the JULI logging component did not restrict access permissions to files. This could be misused by untrusted web applications to access and write arbitrary files in the context of the tomcat process. (CVE-2007-5342) The property that controls the download of server classes was set to
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 63867
    published: 2013-01-24
    reporter: This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/63867
    title: RHEL 5 : JBoss EAP (RHSA-2008:0834)
  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2008-0833.NASL
    description: Updated JBoss Enterprise Application Platform (JBEAP) 4.2 packages that fix various security issues are now available for Red Hat Enterprise Linux 4 as JBEAP 4.2.0.CP04. This update has been rated as having low security impact by the Red Hat Security Response Team. JBoss Enterprise Application Platform is the market leading platform for innovative and scalable Java applications; integrating the JBoss Application Server, with JBoss Hibernate and JBoss Seam into a complete, simple enterprise solution. This release of JBEAP for Red Hat Enterprise Linux 4 serves as a replacement to JBEAP 4.2.0.CP03. These updated packages include bug fixes and enhancements which are detailed in the release notes. The link to the release notes is available below in the References section. The following security issues are also fixed with this release: The default security policy in the JULI logging component did not restrict access permissions to files. This could be misused by untrusted web applications to access and write arbitrary files in the context of the tomcat process. (CVE-2007-5342) The property that controls the download of server classes was set to
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 63866
    published: 2013-01-24
    reporter: This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/63866
    title: RHEL 4 : JBoss EAP (RHSA-2008:0833)

Redhat

advisories
  • RHSA-2008:0831
  • RHSA-2008:0832
  • RHSA-2008:0833
  • RHSA-2008:0834
rpms
  • glassfish-jaf-0:1.1.0-0jpp.ep1.12.el4
  • glassfish-javamail-0:1.4.0-0jpp.ep1.10.el4
  • glassfish-jaxb-0:2.1.4-1jpp.ep1.2.el4
  • glassfish-jaxb-javadoc-0:2.1.4-1jpp.ep1.2.el4
  • glassfish-jaxws-0:2.1.1-1jpp.ep1.3.el4
  • glassfish-jstl-0:1.2.0-0jpp.ep1.10.el4
  • hibernate3-1:3.2.4-1.SP1_CP04.0jpp.ep1.3.el4
  • hibernate3-annotations-0:3.2.1-4.GA_CP02.1jpp.ep1.7.el4
  • hibernate3-annotations-javadoc-0:3.2.1-4.GA_CP02.1jpp.ep1.7.el4
  • hibernate3-commons-annotations-0:0.0.0-1.1jpp.ep1.1.el4
  • hibernate3-entitymanager-0:3.2.1-2.GA_CP03.1jpp.ep1.9.el4
  • hibernate3-entitymanager-javadoc-0:3.2.1-2.GA_CP03.1jpp.ep1.9.el4
  • hibernate3-javadoc-1:3.2.4-1.SP1_CP04.0jpp.ep1.3.el4
  • hibernate3-validator-0:0.0.0-1.1jpp.ep1.1.el4
  • jakarta-commons-beanutils-0:1.7.0-2jpp.ep1.5.el4
  • javassist-0:3.8.0-1.ep1.el4
  • jboss-aop-0:1.5.5-2.CP02.0jpp.ep1.2.el4
  • jboss-jaxr-0:1.2.0-SP1.0jpp.ep1.4.el4
  • jboss-messaging-0:1.4.0-1.SP3_CP03.0jpp.ep1.3.el4
  • jboss-remoting-0:2.2.2-3.SP9.0jpp.ep1.1.el4
  • jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.10.el4
  • jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.10.el4
  • jbossas-0:4.3.0-2.GA_CP02.ep1.10.el4
  • jbossts-1:4.2.3-1.SP5_CP02.1jpp.ep1.1.el4
  • jbossweb-0:2.0.0-4.CP06.0jpp.ep1.1.el4
  • jbossws-0:2.0.1-2.SP2_CP03.0jpp.ep1.1.el4
  • jbossws-common-0:1.0.0-1.GA_CP01.0jpp.ep1.3.el4
  • jbossws-framework-0:2.0.1-0jpp.ep1.11.el4
  • jbossxb-0:1.0.0-2.SP3.0jpp.ep1.3.el4
  • rh-eap-docs-0:4.3.0-3.GA_CP02.ep1.9.el4
  • rh-eap-docs-examples-0:4.3.0-3.GA_CP02.ep1.9.el4
  • glassfish-jaf-0:1.1.0-0jpp.ep1.12.el5.1
  • glassfish-javamail-0:1.4.0-0jpp.ep1.10.el5
  • glassfish-jaxb-0:2.1.4-1jpp.ep1.4.el5.2
  • glassfish-jaxws-0:2.1.1-1jpp.ep1.3.el5
  • glassfish-jstl-0:1.2.0-0jpp.ep1.10.el5
  • hibernate3-1:3.2.4-1.SP1_CP04.0jpp.ep1.3.el5
  • hibernate3-annotations-0:3.2.1-4.GA_CP02.1jpp.ep1.7.el5.1
  • hibernate3-annotations-javadoc-0:3.2.1-4.GA_CP02.1jpp.ep1.7.el5.1
  • hibernate3-commons-annotations-0:0.0.0-1.1jpp.ep1.1.el5
  • hibernate3-entitymanager-0:3.2.1-2.GA_CP03.1jpp.ep1.9.el5
  • hibernate3-entitymanager-javadoc-0:3.2.1-2.GA_CP03.1jpp.ep1.9.el5
  • hibernate3-javadoc-1:3.2.4-1.SP1_CP04.0jpp.ep1.3.el5
  • hibernate3-validator-0:0.0.0-1.1jpp.ep1.1.el5
  • javassist-0:3.8.0-1jpp.ep1.2.el5
  • jboss-aop-0:1.5.5-2.CP02.0jpp.ep1.2.el5
  • jboss-jaxr-0:1.2.0-SP1.0jpp.ep1.4.el5
  • jboss-messaging-0:1.4.0-1.SP3_CP03.0jpp.ep1.3.el5
  • jboss-remoting-0:2.2.2-3.SP9.0jpp.ep1.2.el5
  • jboss-seam-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.7.el5.1
  • jboss-seam-docs-0:1.2.1-3.JBPAPP_4_3_0_GA.ep1.7.el5.1
  • jbossas-0:4.3.0-2.GA_CP02.ep1.10.el5.2
  • jbossts-1:4.2.3-1.SP5_CP02.1jpp.ep1.2.el5
  • jbossweb-0:2.0.0-4.CP06.0jpp.ep1.1.el5
  • jbossws-0:2.0.1-2.SP2_CP03.0jpp.ep1.1.el5.1
  • jbossws-common-0:1.0.0-1.GA_CP01.0jpp.ep1.3.el5
  • jbossws-framework-0:2.0.1-0jpp.ep1.11.el5
  • jbossxb-0:1.0.0-2.SP3.0jpp.ep1.3.el5.1
  • rh-eap-docs-0:4.3.0-2.GA_CP02.ep1.6.el5
  • glassfish-jaf-0:1.1.0-0jpp.ep1.12.el4
  • glassfish-javamail-0:1.4.0-0jpp.ep1.10.el4
  • glassfish-jstl-0:1.2.0-0jpp.ep1.10.el4
  • hibernate3-1:3.2.4-1.SP1_CP04.0jpp.ep1.3.el4
  • hibernate3-annotations-0:3.2.1-4.GA_CP02.1jpp.ep1.7.el4
  • hibernate3-annotations-javadoc-0:3.2.1-4.GA_CP02.1jpp.ep1.7.el4
  • hibernate3-commons-annotations-0:0.0.0-1.1jpp.ep1.1.el4
  • hibernate3-entitymanager-0:3.2.1-2.GA_CP03.1jpp.ep1.9.el4
  • hibernate3-entitymanager-javadoc-0:3.2.1-2.GA_CP03.1jpp.ep1.9.el4
  • hibernate3-javadoc-1:3.2.4-1.SP1_CP04.0jpp.ep1.3.el4
  • hibernate3-validator-0:0.0.0-1.1jpp.ep1.1.el4
  • jakarta-commons-beanutils-0:1.7.0-2jpp.ep1.5.el4
  • javassist-0:3.8.0-1.ep1.el4
  • jboss-aop-0:1.5.5-2.CP02.0jpp.ep1.2.el4
  • jboss-jaxr-0:1.2.0-SP1.0jpp.ep1.4.el4
  • jboss-remoting-0:2.2.2-3.SP9.0jpp.ep1.1.el4
  • jboss-seam-0:1.2.1-1.ep1.10.el4
  • jboss-seam-docs-0:1.2.1-1.ep1.10.el4
  • jbossas-0:4.2.0-3.GA_CP04.ep1.8.el4
  • jbossts-1:4.2.3-1.SP5_CP02.1jpp.ep1.1.el4
  • jbossweb-0:2.0.0-4.CP06.0jpp.ep1.1.el4
  • jbossxb-0:1.0.0-2.SP3.0jpp.ep1.3.el4
  • rh-eap-docs-0:4.2.0-4.GA_CP04.ep1.5.el4
  • rh-eap-docs-examples-0:4.2.0-4.GA_CP04.ep1.5.el4
  • glassfish-jaf-0:1.1.0-0jpp.ep1.12.el5.1
  • glassfish-javamail-0:1.4.0-0jpp.ep1.10.el5
  • glassfish-jstl-0:1.2.0-0jpp.ep1.10.el5
  • hibernate3-1:3.2.4-1.SP1_CP04.0jpp.ep1.3.el5
  • hibernate3-annotations-0:3.2.1-4.GA_CP02.1jpp.ep1.7.el5.1
  • hibernate3-annotations-javadoc-0:3.2.1-4.GA_CP02.1jpp.ep1.7.el5.1
  • hibernate3-commons-annotations-0:0.0.0-1.1jpp.ep1.1.el5
  • hibernate3-entitymanager-0:3.2.1-2.GA_CP03.1jpp.ep1.9.el5
  • hibernate3-entitymanager-javadoc-0:3.2.1-2.GA_CP03.1jpp.ep1.9.el5
  • hibernate3-javadoc-1:3.2.4-1.SP1_CP04.0jpp.ep1.3.el5
  • hibernate3-validator-0:0.0.0-1.1jpp.ep1.1.el5
  • javassist-0:3.8.0-1jpp.ep1.2.el5
  • jboss-aop-0:1.5.5-2.CP02.0jpp.ep1.2.el5
  • jboss-jaxr-0:1.2.0-SP1.0jpp.ep1.4.el5
  • jboss-remoting-0:2.2.2-3.SP9.0jpp.ep1.2.el5
  • jboss-seam-0:1.2.1-1.ep1.9.el5
  • jboss-seam-docs-0:1.2.1-1.ep1.9.el5
  • jbossas-0:4.2.0-4.GA_CP04.ep1.7.el5.6
  • jbossts-1:4.2.3-1.SP5_CP02.1jpp.ep1.2.el5
  • jbossweb-0:2.0.0-4.CP06.0jpp.ep1.1.el5
  • jbossxb-0:1.0.0-2.SP3.0jpp.ep1.3.el5.1
  • rh-eap-docs-0:4.2.0-4.GA_CP04.ep1.3.el5
  • rh-eap-docs-examples-0:4.2.0-4.GA_CP04.ep1.3.el5

Seebug

bulletin family: exploit
description: BUGTRAQ ID: 31300. CVE ID: CVE-2008-3519. CNCVE ID: CNCVE-20083519. JBoss Enterprise Application Platform is an enterprise application platform for developing JBoss-based applications. JBoss Enterprise Application Platform contains a configuration error that a remote attacker can exploit to obtain sensitive information. The JBossAs component of EAP sets the DownloadServerClasses property to 'true' in the 'production' configuration, whereas a production environment must default it to 'false' to prevent the download of non-EJB classes; this can lead to information disclosure. Affected: RedHat JBoss Enterprise Application Platform 4.3 EL5, 4.3 EL4, 4.3 CP01, 4.3, 4.2 EL5, 4.2 EL4, 4.2 CP03, 4.2. Patch information is available at the following links: http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.2.0.cp04/html-single/readme/index.html and http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.3.0.cp02/html-single/readme/index.html
id: SSV:4083
last seen: 2017-11-19
modified: 2008-09-24
published: 2008-09-24
reporter: Root
title: JBoss Enterprise Application Platform class file information disclosure vulnerability