ID CVE-2006-5750
Summary Directory traversal vulnerability in the DeploymentFileRepository class in JBoss Application Server (jbossas) 3.2.4 through 4.0.5 allows remote authenticated users to read or modify arbitrary files, and possibly execute arbitrary code, via unspecified vectors related to the console manager.
References
Vulnerable Configurations
  • cpe:2.3:a:jboss:jboss_application_server:3.2.5_final
  • cpe:2.3:a:jboss:jboss_application_server:3.2.6_final
  • cpe:2.3:a:jboss:jboss_application_server:3.2.7_final
  • cpe:2.3:a:jboss:jboss_application_server:3.2.8.sp1
  • cpe:2.3:a:jboss:jboss_application_server:3.2.8_final
  • cpe:2.3:a:jboss:jboss_application_server:4.0.0_final
  • cpe:2.3:a:jboss:jboss_application_server:4.0.1_final
  • cpe:2.3:a:jboss:jboss_application_server:4.0.1_sp1
  • cpe:2.3:a:jboss:jboss_application_server:4.0.2_final
  • cpe:2.3:a:jboss:jboss_application_server:4.0.3_final
  • cpe:2.3:a:jboss:jboss_application_server:4.0.4.ga
  • cpe:2.3:a:jboss:jboss_application_server:4.0.5.ga
CVSS
Base: 7.5 (as of 27-11-2006 - 15:15)
Impact:
Exploitability:
Access
  Vector: NETWORK
  Complexity: LOW
  Authentication: NONE
Impact
  Confidentiality: PARTIAL
  Integrity: PARTIAL
  Availability: PARTIAL
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id SUSE_JBOSS-2309.NASL
    description This update fixes a problem in the JBOSS server where it was possible to potentially execute code if the console manager was enabled. (CVE-2006-5750)
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27281
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27281
    title openSUSE 10 Security Update : jboss (jboss-2309)
  • NASL family CGI abuses
    NASL id JBOSS_DEPLOYMENTFILEREPOSITORY_DIR_TRAVERSAL.NASL
    description The remote web server appears to be a version of JBoss that fails to sanitize user-supplied input to the BaseDir parameter used by the 'DeploymentFileRepository' service of JMX Console before using it to store or delete files. An unauthenticated attacker may be able to exploit this to alter files on the remote host subject to the privileges of the JBoss user.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 23843
    published 2006-12-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23843
    title JBoss Application Server (jbossas) JMX Console DeploymentFileRepository Traversal Arbitrary File Manipulation
  • NASL family SuSE Local Security Checks
    NASL id SUSE_JBOSS4-2304.NASL
    description This update fixes a problem in the JBOSS server where it was possible to potentially execute code if the console manager was enabled. (CVE-2006-5750)
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27282
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27282
    title openSUSE 10 Security Update : jboss4 (jboss4-2304)
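Two practitioner notes on the records above. First, this page's own sources disagree on authentication: the summary says "remote authenticated users", while the CVSS vector (Authentication: NONE) and the Nessus plugin description (an "unauthenticated attacker") say none is required; treat an exposed JMX console as exploitable until proven otherwise. Second, the bug class the Nessus description names is worth seeing in code: a service that builds a file path under a base directory from caller-supplied folder, name and extension arguments and never checks the result. The following is an added example, not JBoss source and not the real DeploymentFileRepository class; the `vulnerable_target` / `hardened_target` signatures and the probe inputs are constructed for illustration only.

```python
"""Added illustration of the directory-traversal pattern in this record:
a 'store a file under BaseDir from (folder, name, extension)' service that
concatenates its arguments unchecked, beside a hardened version.
Hypothetical stand-in code; NOT the JBoss DeploymentFileRepository source."""
import os
import shutil
import tempfile
from typing import Optional


def vulnerable_target(base_dir: str, folder: str, name: str, ext: str) -> str:
    """Naive construction: base_dir + folder + name + ext, nothing validated.
    A '..' in any argument, or an absolute 'folder', walks out of base_dir."""
    return os.path.join(base_dir, folder, name + ext)


def _single_segment(value: str) -> bool:
    """True when value is one non-empty path component with no traversal."""
    if value in ("", ".", ".."):
        return False
    if os.sep in value or (os.altsep and os.altsep in value):
        return False
    return True


def hardened_target(base_dir: str, folder: str, name: str, ext: str) -> str:
    """Validate each argument, then prove the resolved path stays under base_dir."""
    base = os.path.realpath(base_dir)
    if not _single_segment(name):
        raise ValueError(f"name must be a single path segment: {name!r}")
    if ext and (not ext.startswith(".") or not _single_segment(ext[1:])):
        raise ValueError(f"extension must look like '.ext': {ext!r}")
    if os.path.isabs(folder):
        raise ValueError(f"folder must be relative: {folder!r}")
    candidate = os.path.realpath(os.path.join(base, folder, name + ext))
    # commonpath rather than startswith, so /deploy does not accept /deploy-evil
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError(f"resolved path leaves base dir: {candidate}")
    return candidate


# Constructed probe inputs (not taken from any advisory): (folder, name, ext)
PROBES = {
    "benign": ("apps", "shell", ".jsp"),
    "folder_dotdot": ("../../../../../../tmp", "evil", ".jsp"),
    "folder_absolute": ("/tmp", "evil", ".jsp"),
    "name_dotdot": ("apps", "../../evil", ".jsp"),
    "ext_traversal": ("apps", "x", ".jsp/../../evil.sh"),
}


def run_probes(base_dir: Optional[str] = None) -> dict:
    """For each probe return (vulnerable_escapes, hardened_blocked):
    vulnerable_escapes: the naive path resolves outside base_dir;
    hardened_blocked:   hardened_target() refused the arguments.
    Uses a throwaway temp directory as BaseDir when none is given."""
    tmp = None
    if base_dir is None:
        tmp = base_dir = tempfile.mkdtemp(prefix="deploy-demo-")
    try:
        base = os.path.realpath(base_dir)
        results = {}
        for label, (folder, name, ext) in PROBES.items():
            naive = os.path.realpath(vulnerable_target(base, folder, name, ext))
            escapes = os.path.commonpath([base, naive]) != base
            try:
                hardened_target(base, folder, name, ext)
                blocked = False
            except ValueError:
                blocked = True
            results[label] = (escapes, blocked)
        return results
    finally:
        if tmp:
            shutil.rmtree(tmp, ignore_errors=True)


if __name__ == "__main__":
    for label, (escapes, blocked) in run_probes().items():
        print(f"{label:16} naive escapes base: {escapes!s:5}  hardened blocks: {blocked}")
```

The `ext_traversal` probe is the instructive one: `apps/x.jsp/../../evil.sh` lexically stays inside the base directory, so a containment check on the final path alone would accept it, yet it writes a file the caller was never supposed to be able to name. That is why the hardened version validates each argument as a single path segment first and only then applies the `realpath` plus `commonpath` containment check.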
packetstorm via4
data source https://packetstormsecurity.com/files/download/89294/jboss_deploymentfilerepository.rb.txt
id PACKETSTORM:89294
last seen 2016-12-05
published 2010-05-08
reporter MC
source https://packetstormsecurity.com/files/89294/JBoss-Java-Class-DeploymentFileRepository-Directory-Traversal.html
title JBoss Java Class DeploymentFileRepository Directory Traversal
redhat via4
advisories
rhsa
id RHSA-2006:0743
refmap via4
bid 21219
bugtraq
  • 20061127 SYMSA-2006-011: JBoss Java Class DeploymentFileRepository Directory Traversal
  • 20061128 Re: SYMSA-2006-011: JBoss Java Class DeploymentFileRepository Directory Traversal
confirm
hp
  • HPSBST02318
  • SSRT080018
osvdb 30767
sectrack 1017289
secunia
  • 23095
  • 23984
  • 24104
  • 29726
suse SUSE-SR:2007:002
vupen
  • ADV-2006-4724
  • ADV-2006-4726
  • ADV-2007-0554
  • ADV-2008-1155
Last major update 07-03-2011 - 21:43
Published 27-11-2006 - 15:07
Last modified 17-10-2018 - 17:44