rhsa-2006_0743
Vulnerability from csaf_redhat
Published
2006-11-27 15:42
Modified
2024-11-22 00:38
Summary
Red Hat Security Advisory: jbossas security update
Notes
Topic
An updated jbossas package that corrects a security vulnerability is now
available for Red Hat Application Stack.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Details
JBoss Application Server is a J2EE certified platform for developing and
deploying enterprise Java applications, Web applications, and Portals.
Symantec discovered a flaw in the DeploymentFileRepository class of the
JBoss Application Server. A remote attacker who is able to access the
console manager could read or write to files with the permissions of the
JBoss user. This could potentially lead to arbitrary code execution as the
jboss user. (CVE-2006-5750)
For the Red Hat Application Stack, the jbossas service is not enabled by
default. Once the jbossas service is enabled, the console manager will
become accessible on port 8080. Although port 8080 will be blocked from
outside access by the default Red Hat Enterprise Linux firewall rules,
users should ensure that the console is not available publicly and is
adequately protected by authentication as explained in the JBoss
documentation. A correct configuration of the JBoss Application Server
would mitigate this vulnerability to only being exploitable by users who
have authorization to use the console manager.
All users of Red Hat Application Stack are advised to upgrade to these
updated packages, which resolve the directory traversal issue with a
backported patch.
These updated packages also contain a change to the default jbossas
configuration file. For users installing Red Hat Application Stack for the
first time, all JBoss Application Server network services, including the
management consoles, will be restricted by default to localhost. No change
is made for users upgrading previously installed jbossas packages.
Users who already have Red Hat Application Stack installed should check to
make sure that they have correctly followed the security guidelines and
that the management consoles are not accessible to unauthorized users.
Red Hat would like to thank Symantec for reporting this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated jbossas package that corrects a security vulnerability is now\navailable for Red Hat Application Stack.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "JBoss Application Server is a J2EE certified platform for developing and\ndeploying enterprise Java applications, Web applications, and Portals.\n\nSymantec discovered a flaw in the DeploymentFileRepository class of the\nJBoss Application Server. A remote attacker who is able to access the\nconsole manager could read or write to files with the permissions of the\nJBoss user. This could potentially lead to arbitrary code execution as the\njboss user. (CVE-2006-5750)\n\nFor the Red Hat Application Stack, the jbossas service is not enabled by\ndefault. Once the jbossas service is enabled, the console manager will\nbecome accessible on port 8080. Although port 8080 will be blocked from\noutside access by the default Red Hat Enterprise Linux firewall rules,\nusers should ensure that the console is not available publicly and is\nadequately protected by authentication as explained in the JBoss\ndocumentation. A correct configuration of the JBoss Application Server\nwould mitigate this vulnerability to only being exploitable by users who\nhave authorization to use the console manager.\n\nAll users of Red Hat Application Stack are advised to upgrade to these\nupdated packages, which resolve the directory traversal issue with a\nbackported patch.\n\nThese updated packages also contain a change to the default jbossas\nconfiguration file. For users installing Red Hat Application Stack for the\nfirst time, all JBoss Application Server network services, including the\nmanagement consoles, will be restricted by default to localhost. No change\nis made for users upgrading previously installed jbossas packages. \n\nUsers who already have Red Hat Application Stack installed should check to\nmake sure that they have correctly followed the security guidelines and\nthat the management consoles are not accessible to unauthorized users. \n\nRed Hat would like to thank Symantec for reporting this issue.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2006:0743",
"url": "https://access.redhat.com/errata/RHSA-2006:0743"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "http://kbase.redhat.com/faq/FAQ_107_9629.shtm",
"url": "http://kbase.redhat.com/faq/FAQ_107_9629.shtm"
},
{
"category": "external",
"summary": "215828",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=215828"
},
{
"category": "external",
"summary": "216177",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=216177"
},
{
"category": "external",
"summary": "216786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=216786"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2006/rhsa-2006_0743.json"
}
],
"title": "Red Hat Security Advisory: jbossas security update",
"tracking": {
"current_release_date": "2024-11-22T00:38:53+00:00",
"generator": {
"date": "2024-11-22T00:38:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2006:0743",
"initial_release_date": "2006-11-27T15:42:00+00:00",
"revision_history": [
{
"date": "2006-11-27T15:42:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2006-11-27T10:42:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T00:38:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Application Stack v1 for Enterprise Linux AS (v.4)",
"product": {
"name": "Red Hat Application Stack v1 for Enterprise Linux AS (v.4)",
"product_id": "4AS-RHWAS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_application_stack:1"
}
}
},
{
"category": "product_name",
"name": "Red Hat Application Stack v1 for Enterprise Linux ES (v.4)",
"product": {
"name": "Red Hat Application Stack v1 for Enterprise Linux ES (v.4)",
"product_id": "4ES-RHWAS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_application_stack:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Application Stack"
},
{
"branches": [
{
"category": "product_version",
"name": "jbossas-0:4.0.4-1.el4s1.25.src",
"product": {
"name": "jbossas-0:4.0.4-1.el4s1.25.src",
"product_id": "jbossas-0:4.0.4-1.el4s1.25.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas@4.0.4-1.el4s1.25?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jbossas-0:4.0.4-1.el4s1.25.noarch",
"product": {
"name": "jbossas-0:4.0.4-1.el4s1.25.noarch",
"product_id": "jbossas-0:4.0.4-1.el4s1.25.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas@4.0.4-1.el4s1.25?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-0:4.0.4-1.el4s1.25.noarch as a component of Red Hat Application Stack v1 for Enterprise Linux AS (v.4)",
"product_id": "4AS-RHWAS:jbossas-0:4.0.4-1.el4s1.25.noarch"
},
"product_reference": "jbossas-0:4.0.4-1.el4s1.25.noarch",
"relates_to_product_reference": "4AS-RHWAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-0:4.0.4-1.el4s1.25.src as a component of Red Hat Application Stack v1 for Enterprise Linux AS (v.4)",
"product_id": "4AS-RHWAS:jbossas-0:4.0.4-1.el4s1.25.src"
},
"product_reference": "jbossas-0:4.0.4-1.el4s1.25.src",
"relates_to_product_reference": "4AS-RHWAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-0:4.0.4-1.el4s1.25.noarch as a component of Red Hat Application Stack v1 for Enterprise Linux ES (v.4)",
"product_id": "4ES-RHWAS:jbossas-0:4.0.4-1.el4s1.25.noarch"
},
"product_reference": "jbossas-0:4.0.4-1.el4s1.25.noarch",
"relates_to_product_reference": "4ES-RHWAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-0:4.0.4-1.el4s1.25.src as a component of Red Hat Application Stack v1 for Enterprise Linux ES (v.4)",
"product_id": "4ES-RHWAS:jbossas-0:4.0.4-1.el4s1.25.src"
},
"product_reference": "jbossas-0:4.0.4-1.el4s1.25.src",
"relates_to_product_reference": "4ES-RHWAS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2006-5750",
"discovery_date": "2006-11-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618224"
}
],
"notes": [
{
"category": "description",
"text": "Directory traversal vulnerability in the DeploymentFileRepository class in JBoss Application Server (jbossas) 3.2.4 through 4.0.5 allows remote authenticated users to read or modify arbitrary files, and possibly execute arbitrary code, via unspecified vectors related to the console manager.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"4AS-RHWAS:jbossas-0:4.0.4-1.el4s1.25.noarch",
"4AS-RHWAS:jbossas-0:4.0.4-1.el4s1.25.src",
"4ES-RHWAS:jbossas-0:4.0.4-1.el4s1.25.noarch",
"4ES-RHWAS:jbossas-0:4.0.4-1.el4s1.25.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2006-5750"
},
{
"category": "external",
"summary": "RHBZ#1618224",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618224"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2006-5750",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-5750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-5750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2006-5750"
}
],
"release_date": "2006-11-27T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2006-11-27T15:42:00+00:00",
"details": "Before applying this update, make sure that the jbossas service is not\nrunning and all previously released errata relevant to your system have\nbeen applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"4AS-RHWAS:jbossas-0:4.0.4-1.el4s1.25.noarch",
"4AS-RHWAS:jbossas-0:4.0.4-1.el4s1.25.src",
"4ES-RHWAS:jbossas-0:4.0.4-1.el4s1.25.noarch",
"4ES-RHWAS:jbossas-0:4.0.4-1.el4s1.25.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2006:0743"
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "security flaw"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…