Vulnerabilities > CVE-2013-4517 - Resource Management Errors vulnerability in Apache Santuario XML Security for Java
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Apache Santuario XML Security for Java before 1.5.6, when applying Transforms, allows remote attackers to cause a denial of service (memory consumption) via crafted Document Type Definitions (DTDs), related to signatures.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2014-13879.NASL description Security fix for CVE-2013-4517 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2014-11-07 plugin id 78907 published 2014-11-07 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/78907 title Fedora 20 : xml-security-1.5.7-1.fc20 (2014-13879) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2014-13879. # include("compat.inc"); if (description) { script_id(78907); script_version("1.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2013-4517"); script_bugtraq_id(64437); script_xref(name:"FEDORA", value:"2014-13879"); script_name(english:"Fedora 20 : xml-security-1.5.7-1.fc20 (2014-13879)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Security fix for CVE-2013-4517 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1045257" ); # https://lists.fedoraproject.org/pipermail/package-announce/2014-November/142709.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?f3e0f41c" ); script_set_attribute( attribute:"solution", value:"Update the affected xml-security package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:xml-security"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:20"); script_set_attribute(attribute:"patch_publication_date", value:"2014/10/29"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/11/07"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2020 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^20([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 20.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC20", reference:"xml-security-1.5.7-1.fc20")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "xml-security"); }NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2014-1728.NASL description Updated packages for Red Hat JBoss Enterprise Web Platform 5.2.0 that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Red Hat JBoss Enterprise Web Platform is a platform for Java applications, which integrates the JBoss Web Server with JBoss Hibernate and JBoss Seam. It was discovered that the Apache Santuario XML Security for Java project allowed Document Type Definitions (DTDs) to be processed when applying Transforms even when secure validation was enabled. A remote attacker could use this flaw to exhaust all available memory on the system, causing a denial of service. (CVE-2013-4517) All users of Red Hat JBoss Enterprise Web Platform 5.2.0 on Red Hat Enterprise Linux 4, 5, and 6 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 78736 published 2014-10-30 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/78736 title RHEL 5 / 6 : JBoss EWP (RHSA-2014:1728) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2014:1728. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(78736); script_version("1.12"); script_cvs_date("Date: 2019/10/24 15:35:39"); script_cve_id("CVE-2013-4517"); script_xref(name:"RHSA", value:"2014:1728"); script_name(english:"RHEL 5 / 6 : JBoss EWP (RHSA-2014:1728)"); script_summary(english:"Checks the rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing a security update." ); script_set_attribute( attribute:"description", value: "Updated packages for Red Hat JBoss Enterprise Web Platform 5.2.0 that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Red Hat JBoss Enterprise Web Platform is a platform for Java applications, which integrates the JBoss Web Server with JBoss Hibernate and JBoss Seam. It was discovered that the Apache Santuario XML Security for Java project allowed Document Type Definitions (DTDs) to be processed when applying Transforms even when secure validation was enabled. A remote attacker could use this flaw to exhaust all available memory on the system, causing a denial of service. (CVE-2013-4517) All users of Red Hat JBoss Enterprise Web Platform 5.2.0 on Red Hat Enterprise Linux 4, 5, and 6 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2014:1728" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2013-4517" ); script_set_attribute( attribute:"solution", value:"Update the affected xml-security package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xml-security"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6"); script_set_attribute(attribute:"vuln_publication_date", value:"2014/01/10"); script_set_attribute(attribute:"patch_publication_date", value:"2014/10/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/10/30"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^(5|6)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.x / 6.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2014:1728"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (! (rpm_exists(release:"RHEL5", rpm:"jbossas-seam2-") || rpm_exists(release:"RHEL6", rpm:"jbossas-seam2-")) || rpm_exists(rpm:"jbossas-welcome-content-eap")) audit(AUDIT_PACKAGE_NOT_INSTALLED, "JBoss EWP"); if (rpm_check(release:"RHEL5", reference:"xml-security-1.5.6-3.ep5.el5")) flag++; if (rpm_check(release:"RHEL6", reference:"xml-security-1.5.6-3.el6")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "xml-security"); } }NASL family Fedora Local Security Checks NASL id FEDORA_2014-13983.NASL description Security fix for CVE-2013-4517 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2014-11-10 plugin id 79072 published 2014-11-10 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/79072 title Fedora 21 : xml-security-1.5.7-1.fc21 (2014-13983) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2014-13983. # include("compat.inc"); if (description) { script_id(79072); script_version("1.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2013-4517"); script_bugtraq_id(64437); script_xref(name:"FEDORA", value:"2014-13983"); script_name(english:"Fedora 21 : xml-security-1.5.7-1.fc21 (2014-13983)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Security fix for CVE-2013-4517 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1045257" ); # https://lists.fedoraproject.org/pipermail/package-announce/2014-November/143002.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?956115c4" ); script_set_attribute( attribute:"solution", value:"Update the affected xml-security package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:xml-security"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:21"); script_set_attribute(attribute:"patch_publication_date", value:"2014/10/31"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/11/10"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2020 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^21([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 21.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC21", reference:"xml-security-1.5.7-1.fc21")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "xml-security"); }NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2014-0170.NASL description Updated packages that provide Red Hat JBoss Enterprise Application Platform 6.2.1 and fix three security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that the ParserPool and Decrypter classes in the OpenSAML Java implementation resolved external entities, permitting XML External Entity (XXE) attacks. A remote attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks. (CVE-2013-6440) It was discovered that the Apache Santuario XML Security for Java project allowed Document Type Definitions (DTDs) to be processed when applying Transforms even when secure validation was enabled. A remote attacker could use this flaw to exhaust all available memory on the system, causing a denial of service. (CVE-2013-4517) In Red Hat JBoss Enterprise Application Platform, when running under a security manager, it was possible for deployed code to get access to the Modular Service Container (MSC) service registry without any permission checks. This could allow malicious deployments to modify the internal state of the server in various ways. (CVE-2014-0018) The CVE-2013-6440 was discovered by David Illsley, Ron Gutierrez of Gotham Digital Science, and David Jorm of the Red Hat Security Response Team, and the CVE-2014-0018 issue was discovered by Stuart Douglas of Red Hat. This release serves as a replacement for JBoss Enterprise Application Platform 6.2.0, and includes bug fixes and enhancements. Documentation for these changes will be available shortly from the JBoss Enterprise Application Platform 6.2.1 Release Notes, linked to in the References. All users of Red Hat JBoss Enterprise Application Platform 6.2.0 on Red Hat Enterprise Linux 5 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 72497 published 2014-02-14 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72497 title RHEL 5 : JBoss EAP (RHSA-2014:0170) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2014:0170. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(72497); script_version("1.19"); script_cvs_date("Date: 2019/10/24 15:35:38"); script_cve_id("CVE-2013-4517", "CVE-2013-6440", "CVE-2014-0018"); script_bugtraq_id(64345, 64437); script_xref(name:"RHSA", value:"2014:0170"); script_name(english:"RHEL 5 : JBoss EAP (RHSA-2014:0170)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated packages that provide Red Hat JBoss Enterprise Application Platform 6.2.1 and fix three security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that the ParserPool and Decrypter classes in the OpenSAML Java implementation resolved external entities, permitting XML External Entity (XXE) attacks. A remote attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks. (CVE-2013-6440) It was discovered that the Apache Santuario XML Security for Java project allowed Document Type Definitions (DTDs) to be processed when applying Transforms even when secure validation was enabled. A remote attacker could use this flaw to exhaust all available memory on the system, causing a denial of service. (CVE-2013-4517) In Red Hat JBoss Enterprise Application Platform, when running under a security manager, it was possible for deployed code to get access to the Modular Service Container (MSC) service registry without any permission checks. This could allow malicious deployments to modify the internal state of the server in various ways. (CVE-2014-0018) The CVE-2013-6440 was discovered by David Illsley, Ron Gutierrez of Gotham Digital Science, and David Jorm of the Red Hat Security Response Team, and the CVE-2014-0018 issue was discovered by Stuart Douglas of Red Hat. This release serves as a replacement for JBoss Enterprise Application Platform 6.2.0, and includes bug fixes and enhancements. Documentation for these changes will be available shortly from the JBoss Enterprise Application Platform 6.2.1 Release Notes, linked to in the References. All users of Red Hat JBoss Enterprise Application Platform 6.2.0 on Red Hat Enterprise Linux 5 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2013-4517" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2013-6440" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-0018" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/site/documentation/en-US/" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2014:0170" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:hornetq"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jacorb-jboss"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-appclient"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-cli"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-client-all"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-clustering"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-cmp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-configadmin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-connector"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-controller"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-controller-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-core-security"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-repository"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-scanner"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-http"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-management"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-ee"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-ee-deployment"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-ejb3"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-embedded"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-host-controller"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-jacorb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxrs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-jdr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-jmx"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-jpa"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-jsf"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-jsr77"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-logging"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-mail"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-management-client-content"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-messaging"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-modcluster"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-naming"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-network"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-configadmin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-service"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-platform-mbean"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-pojo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-process-controller"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-protocol"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-remoting"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-sar"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-security"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-system-jmx"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-threads"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-transactions"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-version"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-web"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-webservices"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-weld"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-xts"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-logmanager"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-marshalling"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-xnio-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossas-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossas-javadocs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossas-modules-eap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossweb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:netty"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:picketbox"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:weld-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xml-security"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xmltooling"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5"); script_set_attribute(attribute:"patch_publication_date", value:"2014/02/13"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/02/14"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = eregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! ereg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2014:0170"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (! (rpm_exists(release:"RHEL5", rpm:"jbossas-core-"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "JBoss EAP"); if (rpm_check(release:"RHEL5", reference:"hornetq-2.3.14-1.Final_redhat_1.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jacorb-jboss-2.3.2-13.redhat_6.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-appclient-7.3.1-3.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-cli-7.3.1-4.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-client-all-7.3.1-4.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-clustering-7.3.1-3.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-cmp-7.3.1-2.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-configadmin-7.3.1-2.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-connector-7.3.1-4.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-controller-7.3.1-3.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-controller-client-7.3.1-2.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-core-security-7.3.1-2.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-deployment-repository-7.3.1-2.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-deployment-scanner-7.3.1-2.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-domain-http-7.3.1-3.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-domain-management-7.3.1-3.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-ee-7.3.1-3.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-ee-deployment-7.3.1-2.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-ejb3-7.3.1-3.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-embedded-7.3.1-2.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-host-controller-7.3.1-3.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-jacorb-7.3.1-3.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-jaxr-7.3.1-2.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-jaxrs-7.3.1-2.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-jdr-7.3.1-2.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-jmx-7.3.1-3.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-jpa-7.3.1-3.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-jsf-7.3.1-2.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-jsr77-7.3.1-2.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-logging-7.3.1-3.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-mail-7.3.1-2.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-management-client-content-7.3.1-2.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-messaging-7.3.1-3.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-modcluster-7.3.1-2.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-naming-7.3.1-3.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-network-7.3.1-2.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-osgi-7.3.1-4.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-osgi-configadmin-7.3.1-4.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-osgi-service-7.3.1-2.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-platform-mbean-7.3.1-2.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-pojo-7.3.1-2.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-process-controller-7.3.1-3.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-protocol-7.3.1-2.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-remoting-7.3.1-3.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-sar-7.3.1-2.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-security-7.3.1-3.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-server-7.3.1-3.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-system-jmx-7.3.1-2.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-threads-7.3.1-2.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-transactions-7.3.1-2.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-version-7.3.1-4.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-web-7.3.1-3.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-webservices-7.3.1-3.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-weld-7.3.1-4.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-as-xts-7.3.1-2.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-logmanager-1.5.2-1.Final_redhat_1.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-marshalling-1.4.3-1.Final_redhat_1.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jboss-xnio-base-3.0.9-1.GA_redhat_1.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jbossas-core-7.3.1-5.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jbossas-javadocs-7.3.1-3.Final_redhat_3.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jbossas-modules-eap-7.3.1-6.Final_redhat_3.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"jbossweb-7.3.0-1.Final_redhat_1.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"netty-3.6.7-1.Final_redhat_1.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"picketbox-4.0.19-2.SP3_redhat_1.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"weld-core-1.1.17-1.Final_redhat_1.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"xml-security-1.5.6-1.redhat_1.1.ep6.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"xmltooling-1.3.4-5.redhat_3.1.ep6.el5")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "hornetq / jacorb-jboss / jboss-as-appclient / jboss-as-cli / etc"); } }NASL family Misc. NASL id SECURITYCENTER_5_8_0_TNS_2018_15.NASL description According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is 5.7.1 or earlier. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues nor the stand-alone patch but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 119149 published 2018-11-27 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/119149 title Tenable SecurityCenter < 5.8.0 Multiple Vulnerabilities (TNS-2018-15) code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(119149); script_version("1.4"); script_cvs_date("Date: 2019/11/01"); script_cve_id( "CVE-2013-2153", "CVE-2013-2154", "CVE-2013-2155", "CVE-2013-2156", "CVE-2013-2210", "CVE-2013-4517", "CVE-2014-0107" ); script_bugtraq_id( 60592, 60594, 60595, 60599, 60817, 64437, 66397 ); script_name(english:"Tenable SecurityCenter < 5.8.0 Multiple Vulnerabilities (TNS-2018-15)"); script_summary(english:"Checks the SecurityCenter version."); script_set_attribute(attribute:"synopsis", value: "An application installed on the remote host is affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is 5.7.1 or earlier. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues nor the stand-alone patch but has instead relied only on the application's self-reported version number."); script_set_attribute(attribute:"see_also", value:"https://www.tenable.com/security/tns-2018-15"); script_set_attribute(attribute:"solution", value: "Upgrade to Tenable SecurityCenter version 5.8.0 or later or apply SecurityCenter Patch 201811.1."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-0107"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/11/07"); script_set_attribute(attribute:"patch_publication_date", value:"2018/11/07"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/11/27"); script_set_attribute(attribute:"plugin_type", value:"combined"); script_set_attribute(attribute:"cpe", value:"cpe:/a:tenable:securitycenter"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Misc."); script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("securitycenter_installed.nbin", "securitycenter_detect.nbin"); script_require_keys("Settings/ParanoidReport"); script_require_ports("Host/SecurityCenter/Version", "installed_sw/SecurityCenter"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("install_func.inc"); include("misc_func.inc"); if (report_paranoia < 2) audit(AUDIT_PARANOID); version = get_kb_item("Host/SecurityCenter/Version"); port = 0; if(empty_or_null(version)) { port = 443; install = get_single_install(app_name:"SecurityCenter", combined:TRUE, exit_if_unknown_ver:TRUE); version = install["version"]; } fix = "5.8.0"; if (ver_compare(ver:version, fix:fix, strict:FALSE) < 0) { items = make_array( "Installed version", version, "Fixed version", fix ); order = make_list("Installed version", "Fixed version"); report = report_items_str(report_items:items, ordered_fields:order); security_report_v4(severity:SECURITY_HOLE, port:port, extra:report); } else audit(AUDIT_INST_VER_NOT_VULN, 'SecurityCenter', version);NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2014-1726.NASL description Updated packages for Red Hat JBoss Enterprise Application Platform 5.2.0 that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Red Hat JBoss Enterprise Application Platform is a platform for Java applications, which integrates the JBoss Application Server with JBoss Hibernate and JBoss Seam. It was discovered that the Apache Santuario XML Security for Java project allowed Document Type Definitions (DTDs) to be processed when applying Transforms even when secure validation was enabled. A remote attacker could use this flaw to exhaust all available memory on the system, causing a denial of service. (CVE-2013-4517) All users of Red Hat JBoss Enterprise Application Platform 5.2.0 on Red Hat Enterprise Linux 4, 5, and 6 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 78735 published 2014-10-30 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/78735 title RHEL 5 / 6 : JBoss EAP (RHSA-2014:1726) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2014:1726. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(78735); script_version("1.12"); script_cvs_date("Date: 2019/10/24 15:35:39"); script_cve_id("CVE-2013-4517"); script_xref(name:"RHSA", value:"2014:1726"); script_name(english:"RHEL 5 / 6 : JBoss EAP (RHSA-2014:1726)"); script_summary(english:"Checks the rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing a security update." ); script_set_attribute( attribute:"description", value: "Updated packages for Red Hat JBoss Enterprise Application Platform 5.2.0 that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Red Hat JBoss Enterprise Application Platform is a platform for Java applications, which integrates the JBoss Application Server with JBoss Hibernate and JBoss Seam. It was discovered that the Apache Santuario XML Security for Java project allowed Document Type Definitions (DTDs) to be processed when applying Transforms even when secure validation was enabled. A remote attacker could use this flaw to exhaust all available memory on the system, causing a denial of service. (CVE-2013-4517) All users of Red Hat JBoss Enterprise Application Platform 5.2.0 on Red Hat Enterprise Linux 4, 5, and 6 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2014:1726" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2013-4517" ); script_set_attribute( attribute:"solution", value:"Update the affected xml-security package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xml-security"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6"); script_set_attribute(attribute:"vuln_publication_date", value:"2014/01/10"); script_set_attribute(attribute:"patch_publication_date", value:"2014/10/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/10/30"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^(5|6)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.x / 6.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2014:1726"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (! (rpm_exists(release:"RHEL5", rpm:"jbossas-welcome-content-eap") || rpm_exists(release:"RHEL6", rpm:"jbossas-welcome-content-eap"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "JBoss EAP"); if (rpm_check(release:"RHEL5", reference:"xml-security-1.5.6-3.ep5.el5")) flag++; if (rpm_check(release:"RHEL6", reference:"xml-security-1.5.6-3.el6")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "xml-security"); } }NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2014-0171.NASL description Updated packages that provide Red Hat JBoss Enterprise Application Platform 6.2.1 and fix three security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that the ParserPool and Decrypter classes in the OpenSAML Java implementation resolved external entities, permitting XML External Entity (XXE) attacks. A remote attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks. (CVE-2013-6440) It was discovered that the Apache Santuario XML Security for Java project allowed Document Type Definitions (DTDs) to be processed when applying Transforms even when secure validation was enabled. A remote attacker could use this flaw to exhaust all available memory on the system, causing a denial of service. (CVE-2013-4517) In Red Hat JBoss Enterprise Application Platform, when running under a security manager, it was possible for deployed code to get access to the Modular Service Container (MSC) service registry without any permission checks. This could allow malicious deployments to modify the internal state of the server in various ways. (CVE-2014-0018) The CVE-2013-6440 was discovered by David Illsley, Ron Gutierrez of Gotham Digital Science, and David Jorm of the Red Hat Security Response Team, and the CVE-2014-0018 issue was discovered by Stuart Douglas of Red Hat. This release serves as a replacement for JBoss Enterprise Application Platform 6.2.0, and includes bug fixes and enhancements. Documentation for these changes will be available shortly from the JBoss Enterprise Application Platform 6.2.1 Release Notes, linked to in the References. All users of Red Hat JBoss Enterprise Application Platform 6.2.0 on Red Hat Enterprise Linux 6 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 72498 published 2014-02-14 reporter This script is Copyright (C) 2014-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/72498 title RHEL 6 : JBoss EAP (RHSA-2014:0171)
Redhat
| advisories |
| ||||||||||||||||||||||||||||||||||||||||||||
| rpms |
|
References
- http://secunia.com/advisories/55639
- http://seclists.org/fulldisclosure/2013/Dec/169
- http://santuario.apache.org/secadv.data/cve-2013-4517.txt.asc
- http://osvdb.org/101169
- http://www.securitytracker.com/id/1029524
- http://www.securityfocus.com/bid/64437
- http://packetstormsecurity.com/files/124554/Java-XML-Signature-Denial-Of-Service-Attack.html
- http://rhn.redhat.com/errata/RHSA-2014-0170.html
- http://rhn.redhat.com/errata/RHSA-2014-0172.html
- http://rhn.redhat.com/errata/RHSA-2014-0171.html
- http://rhn.redhat.com/errata/RHSA-2014-0195.html
- http://rhn.redhat.com/errata/RHSA-2014-1728.html
- http://rhn.redhat.com/errata/RHSA-2014-1726.html
- http://rhn.redhat.com/errata/RHSA-2014-1727.html
- http://rhn.redhat.com/errata/RHSA-2014-1725.html
- http://rhn.redhat.com/errata/RHSA-2015-0675.html
- http://rhn.redhat.com/errata/RHSA-2015-0851.html
- http://rhn.redhat.com/errata/RHSA-2015-0850.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89891
- https://www.tenable.com/security/tns-2018-15
- https://lists.apache.org/thread.html/680e6938b6412e26d5446054fd31de2011d33af11786b989127d1cc3%40%3Ccommits.santuario.apache.org%3E
- https://lists.apache.org/thread.html/r1c07a561426ec5579073046ad7f4207cdcef452bb3100abaf908e0cd%40%3Ccommits.santuario.apache.org%3E