Vulnerabilities > CVE-2010-0738 - Unspecified vulnerability in Redhat Jboss Enterprise Application Platform 4.2.0/4.3.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
LOW Availability impact
NONE Summary
The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Exploit-Db
description JBoss JMX Console Beanshell Deployer WAR upload and deployment. CVE-2010-0738. Remote exploits for multiple platform id EDB-ID:16319 last seen 2016-02-01 modified 2011-01-10 published 2011-01-10 reporter metasploit source https://www.exploit-db.com/download/16319/ title JBoss JMX Console Beanshell Deployer WAR upload and deployment description JBoss & JMX Console & Misconfigured Deployment Scanner. CVE-2010-0738. Webapps exploit for jsp platform id EDB-ID:17924 last seen 2016-02-02 modified 2011-10-03 published 2011-10-03 reporter y0ug source https://www.exploit-db.com/download/17924/ title JBoss & JMX Console & Misconfigured Deployment Scanner description JBoss Application Server Remote Exploit. CVE-2010-0738. Webapps exploit for jsp platform id EDB-ID:16274 last seen 2016-02-01 modified 2011-03-04 published 2011-03-04 reporter kingcope source https://www.exploit-db.com/download/16274/ title JBoss Application Server Remote Exploit description JBoss Java Class DeploymentFileRepository WAR deployment. CVE-2010-0738. Remote exploits for multiple platform id EDB-ID:16316 last seen 2016-02-01 modified 2010-08-03 published 2010-08-03 reporter metasploit source https://www.exploit-db.com/download/16316/ title JBoss Java Class DeploymentFileRepository WAR deployment
Metasploit
description This module scans a JBoss instance for a few vulnerabilities. id MSF:AUXILIARY/SCANNER/HTTP/JBOSS_VULNSCAN last seen 2020-03-13 modified 2019-09-12 published 2010-06-21 references - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3273
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1429
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0738
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1428
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12149
reporter Rapid7 source https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/scanner/http/jboss_vulnscan.rb title JBoss Vulnerability Scanner description This module uses the DeploymentFileRepository class in JBoss Application Server (jbossas) to deploy a JSP file which then deploys the WAR file. id MSF:EXPLOIT/MULTI/HTTP/JBOSS_DEPLOYMENTFILEREPOSITORY last seen 2020-05-01 modified 2017-07-24 published 2012-08-15 references reporter Rapid7 source https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/multi/http/jboss_deploymentfilerepository.rb title JBoss Java Class DeploymentFileRepository WAR Deployment description This module can be used to execute a payload on JBoss servers that have an exposed "jmx-console" application. The payload is put on the server by using the jboss.system:MainDeployer functionality. To accomplish this, a temporary HTTP server is created to serve a WAR archive containing our payload. This method will only work if the target server allows outbound connections to us. id MSF:EXPLOIT/MULTI/HTTP/JBOSS_MAINDEPLOYER last seen 2020-03-11 modified 2017-07-24 published 2012-06-19 references reporter Rapid7 source https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/multi/http/jboss_maindeployer.rb title JBoss JMX Console Deployer Upload and Execute description This module scans for commonly found SAP Internet Communication Manager URLs and outputs return codes for the user. id MSF:AUXILIARY/SCANNER/SAP/SAP_ICM_URLSCAN last seen 2020-06-07 modified 2017-07-24 published 2011-10-22 references https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0738 reporter Rapid7 source https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/scanner/sap/sap_icm_urlscan.rb title SAP URL Scanner description This module can be used to install a WAR file payload on JBoss servers that have an exposed "jmx-console" application. The payload is put on the server by using the jboss.system:BSHDeployer\'s createScriptDeployment() method. id MSF:EXPLOIT/MULTI/HTTP/JBOSS_BSHDEPLOYER last seen 2020-06-14 modified 1976-01-01 published 1976-01-01 references reporter Rapid7 source https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/multi/http/jboss_bshdeployer.rb title JBoss JMX Console Beanshell Deployer WAR Upload and Deployment description This module uses the DeploymentFileRepository class in the JBoss Application Server to deploy a JSP file which then deploys an arbitrary WAR file. id MSF:AUXILIARY/ADMIN/HTTP/JBOSS_DEPLOYMENTFILEREPOSITORY last seen 2020-05-22 modified 2020-05-12 published 2014-12-08 references reporter Rapid7 source https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/admin/http/jboss_deploymentfilerepository.rb title JBoss JMX Console DeploymentFileRepository WAR Upload and Deployment description This module can be used to install a WAR file payload on JBoss servers that have an exposed "jmx-console" application. The payload is put on the server by using the jboss.system:BSHDeployer's createScriptDeployment() method. id MSF:AUXILIARY/ADMIN/HTTP/JBOSS_BSHDEPLOYER last seen 2020-06-06 modified 1976-01-01 published 1976-01-01 references reporter Rapid7 source https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/admin/http/jboss_bshdeployer.rb title JBoss JMX Console Beanshell Deployer WAR Upload and Deployment
Nessus
NASL family HP-UX Local Security Checks NASL id HPUX_PHSS_42328.NASL description s700_800 11.X OV NNM9.00 NNM 9.0x Patch 5 : The remote HP-UX host is affected by multiple vulnerabilities : - Apotential security vulnerability has been identified with HP Network Node Manager I (NNMi) on HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in unauthorized access. References: CVE-2013-2351 (SSRT101012, ZDI-CAN-1566). - A potential security vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in unauthorized disclosure of information. (HPSBMU02714 SSRT100244) - Potential security vulnerabilities have been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerabilities could be remotely exploited resulting in cross site scripting (XSS). (HPSBMU02708 SSRT100633) - A potential vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in unauthorized access to NNMi processes. (HPSBMA02659 SSRT100440) last seen 2020-06-01 modified 2020-06-02 plugin id 56849 published 2012-03-06 reporter This script is Copyright (C) 2012-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/56849 title HP-UX PHSS_42328 : s700_800 11.X OV NNM9.00 NNM 9.0x Patch 5 code # # (C) Tenable Network Security, Inc. # # The descriptive text and patch checks in this plugin were # extracted from HP patch PHSS_42328. The text itself is # copyright (C) Hewlett-Packard Development Company, L.P. # include("compat.inc"); if (description) { script_id(56849); script_version("1.24"); script_cvs_date("Date: 2018/07/12 19:01:15"); script_cve_id("CVE-2010-0738", "CVE-2011-1534", "CVE-2011-4155", "CVE-2011-4156", "CVE-2013-2351"); script_bugtraq_id(47420, 50635, 61132); script_xref(name:"HP", value:"emr_na-c02788734"); script_xref(name:"IAVB", value:"2013-B-0073"); script_xref(name:"HP", value:"emr_na-c03035744"); script_xref(name:"HP", value:"emr_na-c03057508"); script_xref(name:"HP", value:"emr_na-c03747342"); script_xref(name:"HP", value:"SSRT100244"); script_xref(name:"HP", value:"SSRT100440"); script_xref(name:"HP", value:"SSRT100633"); script_name(english:"HP-UX PHSS_42328 : s700_800 11.X OV NNM9.00 NNM 9.0x Patch 5"); script_summary(english:"Checks for the patch in the swlist output"); script_set_attribute( attribute:"synopsis", value:"The remote HP-UX host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "s700_800 11.X OV NNM9.00 NNM 9.0x Patch 5 : The remote HP-UX host is affected by multiple vulnerabilities : - Apotential security vulnerability has been identified with HP Network Node Manager I (NNMi) on HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in unauthorized access. References: CVE-2013-2351 (SSRT101012, ZDI-CAN-1566). - A potential security vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in unauthorized disclosure of information. (HPSBMU02714 SSRT100244) - Potential security vulnerabilities have been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerabilities could be remotely exploited resulting in cross site scripting (XSS). (HPSBMU02708 SSRT100633) - A potential vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in unauthorized access to NNMi processes. (HPSBMA02659 SSRT100440)" ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02788734 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?7dec283b" ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03035744 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?8792dae1" ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03057508 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?85d28e00" ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03747342 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?54da22c0" ); script_set_attribute( attribute:"solution", value:"Install patch PHSS_42328 or subsequent." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploithub_sku", value:"EH-12-132"); script_set_attribute(attribute:"exploit_framework_exploithub", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'JBoss JMX Console Deployer Upload and Execute'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux"); script_set_attribute(attribute:"patch_publication_date", value:"2011/11/03"); script_set_attribute(attribute:"patch_modification_date", value:"2011/11/10"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/03/06"); script_set_attribute(attribute:"stig_severity", value:"I"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc."); script_family(english:"HP-UX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("hpux.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX"); if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING); if (!hpux_check_ctx(ctx:"11.23 11.31")) { exit(0, "The host is not affected since PHSS_42328 applies to a different OS release."); } patches = make_list("PHSS_42328"); foreach patch (patches) { if (hpux_installed(app:patch)) { exit(0, "The host is not affected because patch "+patch+" is installed."); } } flag = 0; if (hpux_check_patch(app:"HPOvNNM.HPNMSJBOSS", version:"9.00.000")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Web Servers NASL id JBOSS_EAP_JMX_CONSOLE_AUTH_BYPASS2.NASL description The version of JBoss Enterprise Application Platform (EAP) running on the remote host allows unauthenticated access to documents under the /jmx-console directory. This is due to a misconfiguration in web.xml which only requires authentication for GET and POST requests. Specifying a different verb such as HEAD, DELETE, or PUT causes the default GET handler to be used without authentication. A remote, unauthenticated attacker could exploit this by deploying a malicious .war file, resulting in arbitrary code execution. This version of JBoss EAP likely has other vulnerabilities (refer to Nessus plugins 33869 and 46181). last seen 2020-06-01 modified 2020-06-02 plugin id 53337 published 2011-04-08 reporter This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/53337 title JBoss Enterprise Application Platform '/jmx-console' Authentication Bypass NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0379.NASL description Updated JBoss Enterprise Application Platform (JBEAP) 4.3 packages that fix three security issues and multiple bugs are now available for Red Hat Enterprise Linux 5 as JBEAP 4.3.0.CP08. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. JBoss Enterprise Application Platform is the market leading platform for innovative and scalable Java applications; integrating the JBoss Application Server, with JBoss Hibernate and JBoss Seam into a complete, simple enterprise solution. This release of JBEAP for Red Hat Enterprise Linux 5 serves as a replacement to JBEAP 4.3.0.CP07. These updated packages include multiple bug fixes which are detailed in the Release Notes. The Release Notes will be available shortly from the link in the References section. The following security issues are also fixed with this release : The JMX Console configuration only specified an authentication requirement for requests that used the GET and POST HTTP last seen 2020-06-01 modified 2020-06-02 plugin id 63931 published 2013-01-24 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/63931 title RHEL 5 : JBoss EAP (RHSA-2010:0379) NASL family Junos Local Security Checks NASL id JUNIPER_SPACE_JSA10627.NASL description According to its self-reported version number, the remote Junos Space version is prior to 13.3R1.8. It is, therefore, affected by multiple vulnerabilities in bundled third party software components : - Multiple vulnerabilities in RedHat JBoss application server. (CVE-2010-0738, CVE-2010-1428, CVE-2010-1429, CVE-2011-5245, CVE-2012-0818) - Multiple vulnerabilities in Oracle Java SE JDK. (CVE-2012-3143, CVE-2013-1537, CVE-2013-1557, CVE-2013-2422) - Multiple vulnerabilities in Oracle MySQL server. (CVE-2013-1502, CVE-2013-1511, CVE-2013-1532, CVE-2013-1544, CVE-2013-2375, CVE-2013-2376, CVE-2013-2389, CVE-2013-2391, CVE-2013-2392, CVE-2013-3783, CVE-2013-3793, CVE-2013-3794, CVE-2013-3801, CVE-2013-3802, CVE-2013-3804, CVE-2013-3805, CVE-2013-3808, CVE-2013-3809, CVE-2013-3812, CVE-2013-3839) - Multiple vulnerabilities in Apache HTTP Server. (CVE-2013-1862, CVE-2013-1896) - Known hard-coded MySQL credentials. (CVE-2014-3413) last seen 2020-06-01 modified 2020-06-02 plugin id 80195 published 2014-12-22 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/80195 title Juniper Junos Space < 13.3R1.8 Multiple Vulnerabilities (JSA10627) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0378.NASL description Updated JBoss Enterprise Application Platform (JBEAP) 4.2 packages that fix three security issues and multiple bugs are now available for Red Hat Enterprise Linux 5 as JBEAP 4.2.0.CP09. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. JBoss Enterprise Application Platform is the market leading platform for innovative and scalable Java applications; integrating the JBoss Application Server, with JBoss Hibernate and JBoss Seam into a complete, simple enterprise solution. This release of JBEAP for Red Hat Enterprise Linux 5 serves as a replacement to JBEAP 4.2.0.CP08. These updated packages include multiple bug fixes which are detailed in the Release Notes. The Release Notes will be available shortly from the link in the References section. The following security issues are also fixed with this release : The JMX Console configuration only specified an authentication requirement for requests that used the GET and POST HTTP last seen 2020-06-01 modified 2020-06-02 plugin id 63930 published 2013-01-24 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/63930 title RHEL 5 : JBoss EAP (RHSA-2010:0378) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0376.NASL description Updated JBoss Enterprise Application Platform (JBEAP) 4.2 packages that fix three security issues and multiple bugs are now available for Red Hat Enterprise Linux 4 as JBEAP 4.2.0.CP09. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. JBoss Enterprise Application Platform is the market leading platform for innovative and scalable Java applications; integrating the JBoss Application Server, with JBoss Hibernate and JBoss Seam into a complete, simple enterprise solution. This release of JBEAP for Red Hat Enterprise Linux 4 serves as a replacement to JBEAP 4.2.0.CP08. These updated packages include multiple bug fixes which are detailed in the Release Notes. The Release Notes will be available shortly from the link in the References section. The following security issues are also fixed with this release : The JMX Console configuration only specified an authentication requirement for requests that used the GET and POST HTTP last seen 2020-06-01 modified 2020-06-02 plugin id 63928 published 2013-01-24 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/63928 title RHEL 4 : JBoss EAP (RHSA-2010:0376) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0377.NASL description Updated JBoss Enterprise Application Platform (JBEAP) 4.3 packages that fix three security issues and multiple bugs are now available for Red Hat Enterprise Linux 4 as JBEAP 4.3.0.CP08. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. JBoss Enterprise Application Platform is the market leading platform for innovative and scalable Java applications; integrating the JBoss Application Server, with JBoss Hibernate and JBoss Seam into a complete, simple enterprise solution. This release of JBEAP for Red Hat Enterprise Linux 4 serves as a replacement to JBEAP 4.3.0.CP07. These updated packages include multiple bug fixes which are detailed in the Release Notes. The Release Notes will be available shortly from the link in the References section. The following security issues are also fixed with this release : The JMX Console configuration only specified an authentication requirement for requests that used the GET and POST HTTP last seen 2020-06-01 modified 2020-06-02 plugin id 63929 published 2013-01-24 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/63929 title RHEL 4 : JBoss EAP (RHSA-2010:0377)
Packetstorm
data source https://packetstormsecurity.com/files/download/90957/jboss_bshdeployer.rb.txt id PACKETSTORM:90957 last seen 2016-12-05 published 2010-06-24 reporter Patrick Hof source https://packetstormsecurity.com/files/90957/JBoss-JMX-Console-Beanshell-Deployer-WAR-Upload-And-Deployment.html title JBoss JMX Console Beanshell Deployer WAR Upload And Deployment data source https://packetstormsecurity.com/files/download/130221/MSA-2015-02.txt id PACKETSTORM:130221 last seen 2016-12-05 published 2015-02-03 reporter Hans-Martin Muench source https://packetstormsecurity.com/files/130221/Hewlett-Packard-UCMDB-10.10-JMX-Console-Authentication-Bypass.html title Hewlett-Packard UCMDB 10.10 JMX-Console Authentication Bypass data source https://packetstormsecurity.com/files/download/105520/jboss-addurl.txt id PACKETSTORM:105520 last seen 2016-12-05 published 2011-10-03 reporter y0ug source https://packetstormsecurity.com/files/105520/JBoss-addURL-Misconfiguration-Attack.html title JBoss addURL Misconfiguration Attack
Redhat
| advisories |
| ||||||||||||||||
| rpms |
|
Saint
| bid | 39710 |
| description | RedHat JBoss Enterprise Application Platform JMX Console Authentication Bypass |
| id | web_dev_jbossasver |
| osvdb | 64171 |
| title | jboss_application_server_jmx_console_authentication_bypass |
| type | remote |
Seebug
bulletinFamily exploit description No description provided by source. id SSV:20967 last seen 2017-11-19 modified 2011-10-05 published 2011-10-05 reporter Root source https://www.seebug.org/vuldb/ssvid-20967 title JBoss addURL Misconfiguration Attack bulletinFamily exploit description BUGTRAQ ID: 39710 CVE ID: CVE-2010-0738,CVE-2010-1428,CVE-2010-1429 JBoss企业应用平台(EAP)是J2EE应用的中间件平台。 JBoss企业应用平台中存在多个非授权访问漏洞,远程用户可以绕过认证执行非授权操作或读取敏感信息。 1) JMX控制台配置仅对使用GET和POST HTTP命令的请求指定了认证要求,远程攻击者可以创建没有指定GET或POST的HTTP请求,导致无需认证便被默认的GET处理器执行。 2) 默认阻断了对JBoss应用服务器Web控制台(/web-console)的非认证访问,但这种阻断并不彻底,仅阻断了GET和POST HTTP命令。远程攻击者可以利用这个漏洞访问敏感信息。 3) RHSA-2008:0828更新修复了未经认证用户可访问状态servlet的漏洞(CVE-2008-3273);但RHSA-2009:0349中的bug修复重新引入了这个漏洞。远程攻击者可以利用这个漏洞获得有关所部署的web上下文的详细信息。 RedHat JBoss EAP 4.3 RedHat JBoss EAP 4.2 厂商补丁: RedHat ------ RedHat已经为此发布了一个安全公告(RHSA-2010:0376-01)以及相应补丁: RHSA-2010:0376-01:Critical: JBoss Enterprise Application Platform 4.2.0.CP09 update 链接:https://www.redhat.com/support/errata/RHSA-2010-0376.html id SSV:19528 last seen 2017-11-19 modified 2010-04-29 published 2010-04-29 reporter Root title JBoss企业应用平台多个非授权访问漏洞 bulletinFamily exploit description No description provided by source. id SSV:72182 last seen 2017-11-19 modified 2014-07-01 published 2014-07-01 reporter Root source https://www.seebug.org/vuldb/ssvid-72182 title JBoss, JMX Console, misconfigured DeploymentScanner bulletinFamily exploit description No description provided by source. id SSV:70837 last seen 2017-11-19 modified 2014-07-01 published 2014-07-01 reporter Root source https://www.seebug.org/vuldb/ssvid-70837 title JBoss JMX Console Beanshell Deployer WAR upload and deployment
References
- https://rhn.redhat.com/errata/RHSA-2010-0379.html
- https://bugzilla.redhat.com/show_bug.cgi?id=574105
- https://rhn.redhat.com/errata/RHSA-2010-0376.html
- http://www.vupen.com/english/advisories/2010/0992
- https://rhn.redhat.com/errata/RHSA-2010-0377.html
- http://securitytracker.com/id?1023918
- http://www.securityfocus.com/bid/39710
- http://secunia.com/advisories/39563
- https://rhn.redhat.com/errata/RHSA-2010-0378.html
- http://securityreason.com/securityalert/8408
- http://marc.info/?l=bugtraq&m=132129312609324&w=2
- http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=35
- https://exchange.xforce.ibmcloud.com/vulnerabilities/58147