Vulnerabilities > CVE-2016-2141 - Unspecified vulnerability in Redhat Jboss Enterprise Application Platform and Jgroups

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
redhat
critical
nessus

Summary

It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.

Nessus

  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2016-1328.NASL
    descriptionA security update is now available for Red Hat JBoss Enterprise Application Platform 5.2.0 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Enterprise Application Platform is a platform for Java applications, which integrates the JBoss Application Server with JBoss Hibernate and JBoss Seam. This asynchronous patch is a security update for JGroups package in Red Hat JBoss Enterprise Application Platform 5.2. More information about this vulnerability is available at: https://access.redhat.com/articles/2360521 Security Fix(es) : * It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks. (CVE-2016-2141) The CVE-2016-2141 issue was discovered by Dennis Reed (Red Hat).
    last seen2020-06-01
    modified2020-06-02
    plugin id91851
    published2016-06-27
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/91851
    titleRHEL 5 / 6 : JBoss EAP (RHSA-2016:1328)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2016:1328. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(91851);
      script_version("2.11");
      script_cvs_date("Date: 2019/10/24 15:35:41");
    
      script_cve_id("CVE-2016-2141");
      script_xref(name:"RHSA", value:"2016:1328");
    
      script_name(english:"RHEL 5 / 6 : JBoss EAP (RHSA-2016:1328)");
      script_summary(english:"Checks the rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "A security update is now available for Red Hat JBoss Enterprise
    Application Platform 5.2.0 from the Customer Portal.
    
    Red Hat Product Security has rated this update as having a security
    impact of Critical. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link(s) in the References section.
    
    Red Hat JBoss Enterprise Application Platform is a platform for Java
    applications, which integrates the JBoss Application Server with JBoss
    Hibernate and JBoss Seam.
    
    This asynchronous patch is a security update for JGroups package in
    Red Hat JBoss Enterprise Application Platform 5.2. More information
    about this vulnerability is available at:
    https://access.redhat.com/articles/2360521
    
    Security Fix(es) :
    
    * It was found that JGroups did not require necessary headers for
    encrypt and auth protocols from new nodes joining the cluster. An
    attacker could use this flaw to bypass security restrictions, and use
    this vulnerability to send and receive messages within the cluster,
    leading to information disclosure, message spoofing, or further
    possible attacks. (CVE-2016-2141)
    
    The CVE-2016-2141 issue was discovered by Dennis Reed (Red Hat)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2016:1328"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2016-2141"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected jgroups package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jgroups");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/06/30");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/06/23");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/06/27");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(5|6)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.x / 6.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2016:1328";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
    
      if (! (rpm_exists(release:"RHEL5", rpm:"jbossas-welcome-content-eap") || rpm_exists(release:"RHEL6", rpm:"jbossas-welcome-content-eap"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "JBoss EAP");
    
      if (rpm_check(release:"RHEL5", reference:"jgroups-2.6.22-2.ep5.el5")) flag++;
    
      if (rpm_check(release:"RHEL6", reference:"jgroups-2.6.22-2.ep5.el6")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "jgroups");
      }
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2016-1433.NASL
    descriptionAn update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 6.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.8, and includes bug fixes and enhancements, which are documented in the Release Notes documented linked to in the References. Security Fix(es) : * It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks. (CVE-2016-2141) More information about this vulnerability is available at: https:// access.redhat.com/articles/2360521 * A directory traversal flaw was found in Tomcat
    last seen2020-06-01
    modified2020-06-02
    plugin id92451
    published2016-07-20
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/92451
    titleRHEL 6 : JBoss EAP (RHSA-2016:1433)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2016:1433. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(92451);
      script_version("2.14");
      script_cvs_date("Date: 2019/10/24 15:35:41");
    
      script_cve_id("CVE-2015-5174", "CVE-2016-2141");
      script_xref(name:"RHSA", value:"2016:1433");
    
      script_name(english:"RHEL 6 : JBoss EAP (RHSA-2016:1433)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An update is now available for Red Hat JBoss Enterprise Application
    Platform 6.4 for RHEL 6.
    
    Red Hat Product Security has rated this update as having a security
    impact of Critical. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link(s) in the References section.
    
    Red Hat JBoss Enterprise Application Platform 6 is a platform for Java
    applications based on JBoss Application Server 7.
    
    This release of Red Hat JBoss Enterprise Application Platform 6.4.9
    serves as a replacement for Red Hat JBoss Enterprise Application
    Platform 6.4.8, and includes bug fixes and enhancements, which are
    documented in the Release Notes documented linked to in the
    References.
    
    Security Fix(es) :
    
    * It was found that JGroups did not require necessary headers for
    encrypt and auth protocols from new nodes joining the cluster. An
    attacker could use this flaw to bypass security restrictions, and use
    this vulnerability to send and receive messages within the cluster,
    leading to information disclosure, message spoofing, or further
    possible attacks. (CVE-2016-2141)
    
    More information about this vulnerability is available at: https://
    access.redhat.com/articles/2360521
    
    * A directory traversal flaw was found in Tomcat's and JBoss Web's
    RequestUtil.java. A remote, authenticated user could use this flaw to
    bypass intended SecurityManager restrictions and list a parent
    directory via a '/..' in a pathname used by a web application in a
    getResource, getResourceAsStream, or getResourcePaths call, as
    demonstrated by the $CATALINA_BASE/webapps directory. (CVE-2015-5174)
    
    The CVE-2016-2141 issue was discovered by Dennis Reed (Red Hat)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2016:1433"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2015-5174"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2016-2141"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:apache-cxf");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glassfish-jsf-eap6");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:hibernate4-validator");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:hornetq");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-appclient");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-cli");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-client-all");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-clustering");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-cmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-configadmin");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-connector");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-controller");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-controller-client");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-core-security");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-repository");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-scanner");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-http");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-management");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-ee");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-ee-deployment");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-ejb3");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-embedded");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-host-controller");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-jacorb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxrs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-jdr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-jmx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-jpa");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-jsf");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-jsr77");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-logging");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-mail");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-management-client-content");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-messaging");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-modcluster");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-naming");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-network");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-configadmin");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-service");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-picketlink");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-platform-mbean");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-pojo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-process-controller");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-protocol");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-remoting");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-sar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-security");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-system-jmx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-threads");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-transactions");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-version");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-web");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-webservices");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-weld");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-xts");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-jsf-api_2.1_spec");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-msc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossas-appclient");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossas-bundles");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossas-core");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossas-domain");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossas-javadocs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossas-modules-eap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossas-product-eap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossas-standalone");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossas-welcome-content-eap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossts");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossweb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:picketlink-bindings");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:picketlink-federation");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xalan-j2-eap6");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/02/25");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/07/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/07/20");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2016:1433";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
    
      if (! (rpm_exists(release:"RHEL6", rpm:"jbossas-welcome-content-eap"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "JBoss EAP");
    
      if (rpm_check(release:"RHEL6", reference:"apache-cxf-2.7.18-2.SP1_redhat_1.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"glassfish-jsf-eap6-2.1.28-11.SP10_redhat_1.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"hibernate4-validator-4.3.3-1.Final_redhat_1.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"hornetq-2.3.25-13.SP11_redhat_1.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-appclient-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-cli-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-client-all-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-clustering-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-cmp-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-configadmin-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-connector-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-controller-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-controller-client-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-core-security-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-deployment-repository-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-deployment-scanner-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-domain-http-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-domain-management-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-ee-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-ee-deployment-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-ejb3-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-embedded-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-host-controller-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-jacorb-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-jaxr-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-jaxrs-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-jdr-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-jmx-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-jpa-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-jsf-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-jsr77-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-logging-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-mail-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-management-client-content-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-messaging-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-modcluster-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-naming-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-network-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-osgi-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-osgi-configadmin-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-osgi-service-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-picketlink-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-platform-mbean-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-pojo-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-process-controller-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-protocol-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-remoting-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-sar-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-security-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-server-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-system-jmx-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-threads-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-transactions-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-version-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-web-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-webservices-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-weld-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-as-xts-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-jsf-api_2.1_spec-2.1.28-6.SP2_redhat_1.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-msc-1.1.6-1.Final_redhat_1.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jbossas-appclient-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jbossas-bundles-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jbossas-core-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jbossas-domain-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jbossas-javadocs-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jbossas-modules-eap-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jbossas-product-eap-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jbossas-standalone-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jbossas-welcome-content-eap-7.5.9-2.Final_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jbossts-4.17.34-1.Final_redhat_1.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jbossweb-7.5.17-1.Final_redhat_1.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"picketlink-bindings-2.5.4-11.SP9_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"picketlink-federation-2.5.4-11.SP9_redhat_2.1.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"xalan-j2-eap6-2.7.1-11.redhat_11.1.ep6.el6")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "apache-cxf / glassfish-jsf-eap6 / hibernate4-validator / hornetq / etc");
      }
    }
    
  • NASL familyJunos Local Security Checks
    NASL idJUNIPER_SPACE_JSA_10838.NASL
    descriptionAccording to its self-reported version number, the remote Junos Space version is prior to 17.2R1. It is, therefore, affected by multiple vulnerabilities.
    last seen2020-06-01
    modified2020-06-02
    plugin id108520
    published2018-03-21
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/108520
    titleJuniper Junos Space < 17.2R1 Multiple Vulnerabilities (JSA10838)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(108520);
      script_version("1.7");
      script_cvs_date("Date: 2019/06/11 15:17:50");
    
      script_cve_id(
        "CVE-2015-5174",
        "CVE-2015-5188",
        "CVE-2015-5220",
        "CVE-2015-5304",
        "CVE-2015-7236",
        "CVE-2015-7501",
        "CVE-2016-2141",
        "CVE-2016-8743",
        "CVE-2017-1000111",
        "CVE-2017-1000112",
        "CVE-2017-12172",
        "CVE-2017-14106",
        "CVE-2017-15098",
        "CVE-2017-3167",
        "CVE-2017-3169",
        "CVE-2017-5645",
        "CVE-2017-5664",
        "CVE-2017-7668",
        "CVE-2017-7679",
        "CVE-2017-9788",
        "CVE-2017-9798",
        "CVE-2018-0011",
        "CVE-2018-0012",
        "CVE-2018-0013"
      );
      script_bugtraq_id(
        57974,
        76771,
        77345,
        78215,
        79788,
        83329,
        91481,
        95077,
        97702,
        98888,
        99134,
        99135,
        99137,
        99170,
        99569,
        100262,
        100267,
        100872,
        100878,
        101781,
        101949
      );
    
      script_name(english:"Juniper Junos Space < 17.2R1 Multiple Vulnerabilities (JSA10838)");
      script_summary(english:"Checks the version.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote device is affected by multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "According to its self-reported version number, the remote Junos Space
    version is prior to 17.2R1. It is, therefore, affected by multiple
    vulnerabilities.");
      script_set_attribute(attribute:"see_also", value:"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10838");
      script_set_attribute(attribute:"solution", value:"Upgrade to Junos Space 17.2R1 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Linux Kernel UDP Fragmentation Offset (UFO) Privilege Escalation');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2015/10/27");
      script_set_attribute(attribute:"patch_publication_date", value:"2018/01/10");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/21");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:juniper:junos_space");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Junos Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/Junos_Space/version");
    
      exit(0);
    }
    
    include("junos.inc");
    include("misc_func.inc");
    
    ver = get_kb_item_or_exit('Host/Junos_Space/version');
    
    check_junos_space(ver:ver, fix:'17.2R1', severity:SECURITY_HOLE);
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2016-1432.NASL
    descriptionA jboss-ec2-eap update is now available for Red Hat JBoss Enterprise Application Platform 6.4.0 on Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2). With this update, the packages have been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 6.4.9. Security Fix(es) : * It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks. (CVE-2016-2141) More information about this vulnerability is available at: https:// access.redhat.com/articles/2360521 * A directory traversal flaw was found in Tomcat
    last seen2020-06-01
    modified2020-06-02
    plugin id92401
    published2016-07-19
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/92401
    titleRHEL 6 : jboss-ec2-eap (RHSA-2016:1432)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2016:1432. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(92401);
      script_version("2.14");
      script_cvs_date("Date: 2019/10/24 15:35:41");
    
      script_cve_id("CVE-2015-5174", "CVE-2016-2141");
      script_xref(name:"RHSA", value:"2016:1432");
    
      script_name(english:"RHEL 6 : jboss-ec2-eap (RHSA-2016:1432)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "A jboss-ec2-eap update is now available for Red Hat JBoss Enterprise
    Application Platform 6.4.0 on Red Hat Enterprise Linux 6.
    
    Red Hat Product Security has rated this update as having a security
    impact of Critical. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link(s) in the References section.
    
    Red Hat JBoss Enterprise Application Platform 6 is a platform for Java
    applications based on JBoss Application Server 7.
    
    The jboss-ec2-eap packages provide scripts for Red Hat JBoss
    Enterprise Application Platform running on the Amazon Web Services
    (AWS) Elastic Compute Cloud (EC2). With this update, the packages have
    been updated to ensure compatibility with Red Hat JBoss Enterprise
    Application Platform 6.4.9.
    
    Security Fix(es) :
    
    * It was found that JGroups did not require necessary headers for
    encrypt and auth protocols from new nodes joining the cluster. An
    attacker could use this flaw to bypass security restrictions, and use
    this vulnerability to send and receive messages within the cluster,
    leading to information disclosure, message spoofing, or further
    possible attacks. (CVE-2016-2141)
    
    More information about this vulnerability is available at: https://
    access.redhat.com/articles/2360521
    
    * A directory traversal flaw was found in Tomcat's and JBoss Web's
    RequestUtil.java. A remote, authenticated user could use this flaw to
    bypass intended SecurityManager restrictions and list a parent
    directory via a '/..' in a pathname used by a web application in a
    getResource, getResourceAsStream, or getResourcePaths call, as
    demonstrated by the $CATALINA_BASE/webapps directory. (CVE-2015-5174)
    
    The CVE-2016-2141 issue was discovered by Dennis Reed (Red Hat)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2016:1432"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2015-5174"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2016-2141"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Update the affected jboss-ec2-eap and / or jboss-ec2-eap-samples
    packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-ec2-eap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-ec2-eap-samples");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/02/25");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/07/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/07/19");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2016:1432";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL6", reference:"jboss-ec2-eap-7.5.9-2.Final_redhat_2.ep6.el6")) flag++;
      if (rpm_check(release:"RHEL6", reference:"jboss-ec2-eap-samples-7.5.9-2.Final_redhat_2.ep6.el6")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "jboss-ec2-eap / jboss-ec2-eap-samples");
      }
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2016-1332.NASL
    descriptionA security update is now available for Red Hat JBoss Enterprise Application Platform from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on Wildfly. This asynchronous patch is a security update for JGroups package in Red Hat JBoss Enterprise Application Platform 7.0 More information about this vulnerability is available at: https://access.redhat.com/articles/2360521 Security Fix(es) : * It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks. (CVE-2016-2141) The CVE-2016-2141 issue was discovered by Dennis Reed (Red Hat).
    last seen2020-06-01
    modified2020-06-02
    plugin id112243
    published2018-09-04
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/112243
    titleRHEL 6 / 7 : JBoss EAP (RHSA-2016:1332)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2016:1332. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(112243);
      script_version("1.5");
      script_cvs_date("Date: 2019/10/24 15:35:41");
    
      script_cve_id("CVE-2016-2141");
      script_xref(name:"RHSA", value:"2016:1332");
    
      script_name(english:"RHEL 6 / 7 : JBoss EAP (RHSA-2016:1332)");
      script_summary(english:"Checks the rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "A security update is now available for Red Hat JBoss Enterprise
    Application Platform from the Customer Portal.
    
    Red Hat Product Security has rated this update as having a security
    impact of Critical. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link(s) in the References section.
    
    Red Hat JBoss Enterprise Application Platform 7 is a platform for Java
    applications based on Wildfly.
    
    This asynchronous patch is a security update for JGroups package in
    Red Hat JBoss Enterprise Application Platform 7.0 More information
    about this vulnerability is available at:
    https://access.redhat.com/articles/2360521
    
    Security Fix(es) :
    
    * It was found that JGroups did not require necessary headers for
    encrypt and auth protocols from new nodes joining the cluster. An
    attacker could use this flaw to bypass security restrictions, and use
    this vulnerability to send and receive messages within the cluster,
    leading to information disclosure, message spoofing, or further
    possible attacks. (CVE-2016-2141)
    
    The CVE-2016-2141 issue was discovered by Dennis Reed (Red Hat)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2016:1332"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2016-2141"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected eap7-jgroups package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:eap7-jgroups");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/06/30");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/06/23");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/09/04");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(6|7)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x / 7.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2016:1332";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
    
      if (! (rpm_exists(release:"RHEL6", rpm:"eap7-jboss") || rpm_exists(release:"RHEL7", rpm:"eap7-jboss"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "JBoss EAP");
    
      if (rpm_check(release:"RHEL6", reference:"eap7-jgroups-3.6.8-3.Final_redhat_3.1.ep7.el6")) flag++;
    
      if (rpm_check(release:"RHEL7", reference:"eap7-jgroups-3.6.8-3.Final_redhat_3.1.ep7.el7")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "eap7-jgroups");
      }
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2016-1434.NASL
    descriptionAn update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 6.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.8, and includes bug fixes and enhancements, which are documented in the Release Notes documented linked to in the References. Security Fix(es) : * It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks. (CVE-2016-2141) More information about this vulnerability is available at: https:// access.redhat.com/articles/2360521 * A directory traversal flaw was found in Tomcat
    last seen2020-06-01
    modified2020-06-02
    plugin id112244
    published2018-09-04
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/112244
    titleRHEL 7 : JBoss EAP (RHSA-2016:1434)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2016:1434. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(112244);
      script_version("1.5");
      script_cvs_date("Date: 2019/10/24 15:35:41");
    
      script_cve_id("CVE-2015-5174", "CVE-2016-2141");
      script_xref(name:"RHSA", value:"2016:1434");
    
      script_name(english:"RHEL 7 : JBoss EAP (RHSA-2016:1434)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An update is now available for Red Hat JBoss Enterprise Application
    Platform 6.4 for RHEL 7.
    
    Red Hat Product Security has rated this update as having a security
    impact of Critical. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link(s) in the References section.
    
    Red Hat JBoss Enterprise Application Platform 6 is a platform for Java
    applications based on JBoss Application Server 7.
    
    This release of Red Hat JBoss Enterprise Application Platform 6.4.9
    serves as a replacement for Red Hat JBoss Enterprise Application
    Platform 6.4.8, and includes bug fixes and enhancements, which are
    documented in the Release Notes documented linked to in the
    References.
    
    Security Fix(es) :
    
    * It was found that JGroups did not require necessary headers for
    encrypt and auth protocols from new nodes joining the cluster. An
    attacker could use this flaw to bypass security restrictions, and use
    this vulnerability to send and receive messages within the cluster,
    leading to information disclosure, message spoofing, or further
    possible attacks. (CVE-2016-2141)
    
    More information about this vulnerability is available at: https://
    access.redhat.com/articles/2360521
    
    * A directory traversal flaw was found in Tomcat's and JBoss Web's
    RequestUtil.java. A remote, authenticated user could use this flaw to
    bypass intended SecurityManager restrictions and list a parent
    directory via a '/..' in a pathname used by a web application in a
    getResource, getResourceAsStream, or getResourcePaths call, as
    demonstrated by the $CATALINA_BASE/webapps directory. (CVE-2015-5174)
    
    The CVE-2016-2141 issue was discovered by Dennis Reed (Red Hat)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2016:1434"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2015-5174"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2016-2141"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:apache-cxf");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glassfish-jsf-eap6");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:hibernate4-validator");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:hornetq");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-appclient");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-cli");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-client-all");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-clustering");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-cmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-configadmin");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-connector");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-controller");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-controller-client");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-core-security");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-repository");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-scanner");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-http");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-management");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-ee");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-ee-deployment");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-ejb3");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-embedded");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-host-controller");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-jacorb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxrs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-jdr");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-jmx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-jpa");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-jsf");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-jsr77");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-logging");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-mail");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-management-client-content");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-messaging");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-modcluster");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-naming");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-network");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-configadmin");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-service");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-picketlink");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-platform-mbean");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-pojo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-process-controller");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-protocol");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-remoting");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-sar");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-security");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-system-jmx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-threads");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-transactions");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-version");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-web");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-webservices");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-weld");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-as-xts");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-jsf-api_2.1_spec");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jboss-msc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossas-appclient");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossas-bundles");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossas-core");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossas-domain");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossas-javadocs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossas-modules-eap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossas-product-eap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossas-standalone");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossas-welcome-content-eap");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossts");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jbossweb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:picketlink-bindings");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:picketlink-federation");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xalan-j2-eap6");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/02/25");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/07/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/09/04");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2016:1434";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
    
      if (! (rpm_exists(release:"RHEL7", rpm:"jbossas-welcome-content-eap"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "JBoss EAP");
    
      if (rpm_check(release:"RHEL7", reference:"apache-cxf-2.7.18-2.SP1_redhat_1.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"glassfish-jsf-eap6-2.1.28-11.SP10_redhat_1.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"hibernate4-validator-4.3.3-1.Final_redhat_1.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"hornetq-2.3.25-13.SP11_redhat_1.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-appclient-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-cli-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-client-all-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-clustering-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-cmp-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-configadmin-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-connector-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-controller-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-controller-client-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-core-security-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-deployment-repository-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-deployment-scanner-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-domain-http-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-domain-management-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-ee-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-ee-deployment-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-ejb3-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-embedded-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-host-controller-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-jacorb-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-jaxr-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-jaxrs-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-jdr-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-jmx-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-jpa-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-jsf-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-jsr77-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-logging-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-mail-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-management-client-content-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-messaging-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-modcluster-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-naming-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-network-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-osgi-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-osgi-configadmin-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-osgi-service-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-picketlink-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-platform-mbean-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-pojo-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-process-controller-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-protocol-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-remoting-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-sar-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-security-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-server-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-system-jmx-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-threads-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-transactions-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-version-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-web-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-webservices-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-weld-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-as-xts-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-jsf-api_2.1_spec-2.1.28-6.SP2_redhat_1.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jboss-msc-1.1.6-1.Final_redhat_1.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jbossas-appclient-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jbossas-bundles-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jbossas-core-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jbossas-domain-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jbossas-javadocs-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jbossas-modules-eap-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jbossas-product-eap-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jbossas-standalone-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jbossas-welcome-content-eap-7.5.9-2.Final_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jbossts-4.17.34-1.Final_redhat_1.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"jbossweb-7.5.17-1.Final_redhat_1.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"picketlink-bindings-2.5.4-11.SP9_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"picketlink-federation-2.5.4-11.SP9_redhat_2.1.ep6.el7")) flag++;
      if (rpm_check(release:"RHEL7", reference:"xalan-j2-eap6-2.7.1-11.redhat_11.1.ep6.el7")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "apache-cxf / glassfish-jsf-eap6 / hibernate4-validator / hornetq / etc");
      }
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2016-1330.NASL
    descriptionA security update is now available for Red Hat JBoss Enterprise Application Platform from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This asynchronous patch is a security update for JGroups package in Red Hat JBoss Enterprise Application Platform 6.4 More information about this vulnerability is available at: https://access.redhat.com/articles/2360521 Security Fix(es) : * It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks. (CVE-2016-2141) The CVE-2016-2141 issue was discovered by Dennis Reed (Red Hat).
    last seen2020-06-01
    modified2020-06-02
    plugin id91852
    published2016-06-27
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/91852
    titleRHEL 5 / 6 / 7 : JBoss EAP (RHSA-2016:1330)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2016:1330. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(91852);
      script_version("2.11");
      script_cvs_date("Date: 2019/10/24 15:35:41");
    
      script_cve_id("CVE-2016-2141");
      script_xref(name:"RHSA", value:"2016:1330");
    
      script_name(english:"RHEL 5 / 6 / 7 : JBoss EAP (RHSA-2016:1330)");
      script_summary(english:"Checks the rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "A security update is now available for Red Hat JBoss Enterprise
    Application Platform from the Customer Portal.
    
    Red Hat Product Security has rated this update as having a security
    impact of Critical. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link(s) in the References section.
    
    Red Hat JBoss Enterprise Application Platform 6 is a platform for Java
    applications based on JBoss Application Server 7.
    
    This asynchronous patch is a security update for JGroups package in
    Red Hat JBoss Enterprise Application Platform 6.4 More information
    about this vulnerability is available at:
    https://access.redhat.com/articles/2360521
    
    Security Fix(es) :
    
    * It was found that JGroups did not require necessary headers for
    encrypt and auth protocols from new nodes joining the cluster. An
    attacker could use this flaw to bypass security restrictions, and use
    this vulnerability to send and receive messages within the cluster,
    leading to information disclosure, message spoofing, or further
    possible attacks. (CVE-2016-2141)
    
    The CVE-2016-2141 issue was discovered by Dennis Reed (Red Hat)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2016:1330"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2016-2141"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected jgroups package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:jgroups");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/06/30");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/06/23");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/06/27");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(5|6|7)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.x / 6.x / 7.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2016:1330";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
    
      if (! (rpm_exists(release:"RHEL5", rpm:"jbossas-welcome-content-eap") || rpm_exists(release:"RHEL6", rpm:"jbossas-welcome-content-eap") || rpm_exists(release:"RHEL7", rpm:"jbossas-welcome-content-eap"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "JBoss EAP");
    
      if (rpm_check(release:"RHEL5", reference:"jgroups-3.2.16-1.Final_redhat_1.1.ep6.el5")) flag++;
    
      if (rpm_check(release:"RHEL6", reference:"jgroups-3.2.16-1.Final_redhat_1.1.ep6.el6")) flag++;
    
      if (rpm_check(release:"RHEL7", reference:"jgroups-3.2.16-1.Final_redhat_1.1.ep6.el7")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "jgroups");
      }
    }
    

Redhat

advisories
  • rhsa
    idRHSA-2016:1328
  • rhsa
    idRHSA-2016:1329
  • rhsa
    idRHSA-2016:1330
  • rhsa
    idRHSA-2016:1331
  • rhsa
    idRHSA-2016:1332
  • rhsa
    idRHSA-2016:1333
  • rhsa
    idRHSA-2016:1334
  • rhsa
    idRHSA-2016:1345
  • rhsa
    idRHSA-2016:1346
  • rhsa
    idRHSA-2016:1347
  • rhsa
    idRHSA-2016:1374
  • rhsa
    idRHSA-2016:1376
  • rhsa
    idRHSA-2016:1389
  • rhsa
    idRHSA-2016:1432
  • rhsa
    idRHSA-2016:1433
  • rhsa
    idRHSA-2016:1434
  • rhsa
    idRHSA-2016:1435
  • rhsa
    idRHSA-2016:1439
  • rhsa
    idRHSA-2016:2035
rpms
  • jgroups-1:2.6.22-2.ep5.el4
  • jgroups-1:2.6.22-2.ep5.el5
  • jgroups-1:2.6.22-2.ep5.el6
  • jgroups-1:3.2.16-1.Final_redhat_1.1.ep6.el5
  • jgroups-1:3.2.16-1.Final_redhat_1.1.ep6.el6
  • jgroups-1:3.2.16-1.Final_redhat_1.1.ep6.el7
  • eap7-jgroups-0:3.6.8-3.Final_redhat_3.1.ep7.el6
  • eap7-jgroups-0:3.6.8-3.Final_redhat_3.1.ep7.el7
  • jboss-ec2-eap-0:7.5.9-2.Final_redhat_2.ep6.el6
  • jboss-ec2-eap-samples-0:7.5.9-2.Final_redhat_2.ep6.el6
  • apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el6
  • glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el6
  • hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el6
  • hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el6
  • jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el6
  • jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el6
  • jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el6
  • jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el6
  • jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el6
  • picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el6
  • picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el6
  • xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el6
  • apache-cxf-0:2.7.18-2.SP1_redhat_1.1.ep6.el7
  • glassfish-jsf-eap6-0:2.1.28-11.SP10_redhat_1.1.ep6.el7
  • hibernate4-validator-0:4.3.3-1.Final_redhat_1.1.ep6.el7
  • hornetq-0:2.3.25-13.SP11_redhat_1.1.ep6.el7
  • jboss-as-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-cli-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-client-all-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-clustering-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-cmp-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-connector-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-controller-client-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-core-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-deployment-repository-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-deployment-scanner-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-domain-http-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-domain-management-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-ee-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-ee-deployment-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-ejb3-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-embedded-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-host-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-jacorb-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-jaxr-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-jaxrs-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-jdr-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-jpa-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-jsf-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-jsr77-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-logging-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-mail-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-management-client-content-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-messaging-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-modcluster-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-naming-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-network-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-osgi-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-osgi-configadmin-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-osgi-service-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-picketlink-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-platform-mbean-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-pojo-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-process-controller-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-protocol-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-remoting-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-sar-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-security-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-server-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-system-jmx-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-threads-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-transactions-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-version-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-web-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-webservices-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-weld-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-as-xts-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jboss-jsf-api_2.1_spec-0:2.1.28-6.SP2_redhat_1.1.ep6.el7
  • jboss-msc-0:1.1.6-1.Final_redhat_1.1.ep6.el7
  • jbossas-appclient-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jbossas-bundles-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jbossas-core-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jbossas-domain-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jbossas-javadocs-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jbossas-modules-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jbossas-product-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jbossas-standalone-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jbossas-welcome-content-eap-0:7.5.9-2.Final_redhat_2.1.ep6.el7
  • jbossts-1:4.17.34-1.Final_redhat_1.1.ep6.el7
  • jbossweb-0:7.5.17-1.Final_redhat_1.1.ep6.el7
  • picketlink-bindings-0:2.5.4-11.SP9_redhat_2.1.ep6.el7
  • picketlink-federation-0:2.5.4-11.SP9_redhat_2.1.ep6.el7
  • xalan-j2-eap6-0:2.7.1-11.redhat_11.1.ep6.el7

References