Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 APP:JBOSS-JMX-AUTH-BYPASS

Severity

 Critical

Recommended

 No

Recommended Action

 Drop

Category

 APP

Keywords

 RedHat JBoss Enterprise Application Platform JMX Console Authentication Bypass

Release Date

 2010/09/28

Update Number

 1780

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

APP: RedHat JBoss Enterprise Application Platform JMX Console Authentication Bypass


This signature detects attempts to exploit a known authentication bypass vulnerability in the RedHat JBoss Enterprise Application Platform JMX Console. This is caused by the authentication policy within the application that only enforces restrictions for GET and POST methods, other HTTP request verbs bypass authentication. Unauthenticated remote attackers can exploit this to gain administrative access to JBoss JMX management console and to upload and execute arbitrary Java code within the security context of the JBoss server process, normally SYSTEM on Windows platforms.

Extended Description

JBoss Enterprise Application Platform is prone to multiple vulnerabilities, including an information-disclosure issue and multiple authentication-bypass issues. An attacker can exploit these issues to bypass certain security restrictions to obtain sensitive information or gain unauthorized access to the application.

Affected Products

  • Hp business_availability_center 6
  • Hp business_availability_center 7.55
  • Hp business_availability_center 8.01
  • Hp business_availability_center 8.05
  • Hp business_availability_center 8.06
  • Hp business_availability_center 8.07
  • Hp business_availability_center
  • Hp business_service_management 9.01
  • Hp business_service_management 9.12
  • Red_hat jboss_application_server 5
  • Red_hat jboss_application_server 5.0.0
  • Red_hat jboss_application_server 5.X
  • Red_hat jboss_enterprise_application_platform 4.2.0
  • Red_hat jboss_enterprise_application_platform 4.2.0 EL4
  • Red_hat jboss_enterprise_application_platform 4.2.0 EL5
  • Red_hat jboss_enterprise_application_platform 4.3.0
  • Red_hat jboss_enterprise_application_platform 4.3.0 EL4
  • Red_hat jboss_enterprise_application_platform 4.3.0 EL5
  • Red_hat jboss_enterprise_application_platform 5.0.0
  • Red_hat jboss_enterprise_application_platform 5.1.0
  • Red_hat jboss_enterprise_application_platform 5.1.1
  • Red_hat jboss_enterprise_application_platform 5 EL4
  • Red_hat jboss_enterprise_application_platform 5 EL5
  • Red_hat jboss_enterprise_application_platform 5 EL6

References

  • BugTraq: 72432
  • BugTraq: 39710
  • CVE: CVE-2007-1036
  • CVE: CVE-2010-0738
  • CVE: CVE-2014-7883
  • URL: http://www.redteam-pentesting.de/publications/jboss
  • URL: https://rhn.redhat.com/errata/RHSA-2010-0378.html

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out