JBoss Portal 6.1.0 Update (RHSA-2013:1437)

high Nessus Plugin ID 72237

Language:

Synopsis

The remote Red Hat host is missing a security update.

Description

The version of JBoss Enterprise Portal Platform on the remote system is affected by the following issues:

- A flaw in CSRF prevention filter in JBoss Web could allow remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier. (CVE-2012-4431)

- A flaw that occurs when the COOKIE session tracking method is used can allow attackers to hijack users' sessions. (CVE-2012-4529)

- A flaw that occurs when multiple applications use the same custom authorization module class name can allow a local attacker to deploy a malicious application that overrides the custom authorization modules provided by other applications. (CVE-2012-4572)

- The framework does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy AlgorithmSuite definition before decrypting. This can allow remote attackers to force the system to use weaker cryptographic algorithms than intended and makes it easier to decrypt communications.
(CVE-2012-5575)

- A flaw in PicketBox can allow local users to obtain the admin encryption key by reading the Vault data file.
(CVE-2013-1921)

- A session fixation flaw was found in the FormAuthenticator module. (CVE-2013-2067)

- A flaw that occurs when a JGroups channel was started results in the JGroups diagnostics service being enabled by default with no authentication via IP multicast. A remote attacker can make use of this flaw to read diagnostics information. (CVE-2013-2102)

- A flaw in the StAX parser implementation can allow remote attackers to cause a denial of service via crafted XML. (CVE-2013-2160)

- A flaw in Apache Santuario XML Security can allow context-dependent attackers to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrary weak algorithm. (CVE-2013-2172)

- A flaw in JGroup's DiagnosticsHandler can allow remote attackers to obtain sensitive information and execute arbitrary code by re-using valid credentials.
(CVE-2013-4112)

- A flaw in the manner in which authenticated connections were cached on the server by remote-naming can allow remote attackers to hijack sessions by using a remoting client. (CVE-2013-4128)

- A flaw in the manner in which connections for EJB invocations were cached on the server can allow remote attackers to hijack sessions by using an EJB client.
(CVE-2013-4213)

Solution

Upgrade the installed JBoss Portal 6.0.0 to 6.1.0 or later.

Plugin Details

Severity: High

ID: 72237

File Name: redhat-RHSA-2013-1437.nasl

Version: 1.11

Type: local

Agent: unix

Family: Red Hat Local Security Checks

Published: 1/31/2014

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Vulnerability Information

CPE: cpe:/a:redhat:jboss_enterprise_portal_platform:6.1.0

Required KB Items: Host/local_checks_enabled, Host/RedHat/release

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 10/16/2013

Vulnerability Publication Date: 10/10/2012

Reference Information

CVE: CVE-2012-4431, CVE-2012-4529, CVE-2012-4572, CVE-2012-5575, CVE-2013-1921, CVE-2013-2067, CVE-2013-2102, CVE-2013-2160, CVE-2013-2172, CVE-2013-4112, CVE-2013-4128, CVE-2013-4213

BID: 60846, 56814, 59799, 60040, 60043, 60045, 61030, 61179, 61739, 61742, 62256, 63196

RHSA: 2013:1437

Detections

Analytics