RHEL 4 / 5 : jbossweb (RHSA-2010:0584)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote Red Hat host is missing a security update.

Description :

An updated jbossweb package that fixes two security issues is now
available for JBoss Enterprise Application Platform 4.2 and 4.3 for
Red Hat Enterprise Linux 4 and 5.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS)
base scores, which give detailed severity ratings, are available for
each vulnerability from the CVE links in the References section.

JBoss Web is the web container, based on Apache Tomcat, in JBoss
Enterprise Application Platform. It provides a single deployment
platform for the JavaServer Pages (JSP) and Java Servlet technologies,
Microsoft .NET, PHP, and CGI.

A flaw was found in the way JBoss Web handled the Transfer-Encoding
header in HTTP requests. A specially-crafted HTTP request could
prevent JBoss Web from sending replies, or cause JBoss Web to return
truncated replies, or replies containing data related to the requests
of other users, for all subsequent HTTP requests. (CVE-2010-2227)

A possible minor information leak was found in the way JBoss Web
generated HTTP BASIC and DIGEST authentication requests. For
configurations where a realm name was not specified and JBoss Web was
accessed via a proxy, the default generated realm contained the
hostname and port used by the proxy to send requests to the JBoss Web
server. (CVE-2010-1157)
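The realm leak above only applies when no realm name is configured. The following audit script is an added example, not part of the advisory or of JBoss Web; it parses a web.xml deployment descriptor and flags BASIC or DIGEST login-config blocks that lack an explicit realm-name. The sample descriptors are constructed for illustration.

```python
import xml.etree.ElementTree as ET

def _local(tag):
    """Strip an XML namespace prefix ({uri}name -> name)."""
    return tag.rsplit('}', 1)[-1]

def audit_login_config(web_xml_text):
    """Return a list of findings for a web.xml deployment descriptor.

    Flags BASIC/DIGEST login-config blocks with no explicit <realm-name>,
    the configuration in which CVE-2010-1157 exposes the proxy-facing
    hostname and port in the generated authentication challenge.
    """
    root = ET.fromstring(web_xml_text)
    findings = []
    for cfg in root.iter():
        if _local(cfg.tag) != 'login-config':
            continue
        method = realm = None
        for child in cfg:
            name = _local(child.tag)
            if name == 'auth-method':
                method = (child.text or '').strip().upper()
            elif name == 'realm-name':
                realm = (child.text or '').strip()
        if method in ('BASIC', 'DIGEST') and not realm:
            findings.append(f'{method} auth without explicit realm-name')
    return findings

# Constructed samples (assumed descriptors, not taken from the advisory).
WEAK_WEB_XML = """<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="2.5">
  <login-config>
    <auth-method>BASIC</auth-method>
  </login-config>
</web-app>"""

FIXED_WEB_XML = """<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="2.5">
  <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>Example Application</realm-name>
  </login-config>
</web-app>"""

if __name__ == '__main__':
    print(audit_login_config(WEAK_WEB_XML))   # ['BASIC auth without explicit realm-name']
    print(audit_login_config(FIXED_WEB_XML))  # []
```

Setting a realm name is a configuration hygiene step, not a substitute for applying the updated package.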

Users of JBoss Web should upgrade to this updated package, which
upgrades JBoss Web to version 2.0.0.CP14, and resolves these issues.
The JBoss server process must be restarted for this update to take
effect.

See also :

https://www.redhat.com/security/data/cve/CVE-2010-1157.html
https://www.redhat.com/security/data/cve/CVE-2010-2227.html
http://tomcat.apache.org/security-6.html
http://rhn.redhat.com/errata/RHSA-2010-0584.html

Solution :

Update the affected jbossweb package.

Risk factor :

Medium / CVSS Base Score : 6.4
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P)
CVSS Temporal Score : 5.6
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Red Hat Local Security Checks

Nessus Plugin ID: 63942

Bugtraq ID: 39635, 41544

CVE ID: CVE-2010-1157, CVE-2010-2227