This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote Red Hat host is missing a security update.
The version of JBoss Enterprise Application Platform running on the
remote system is vulnerable to the following issues:
- A flaw in the way authenticated connections are cached
on the server by remote-naming could allow a remote
attacker to log in as another user without knowing
their password. (CVE-2013-4128)
- A flaw in the way connections for remote EJB
invocations via the EJB client API are cached on the
server could allow a remote attacker to use an EJB
client to log in as another user without knowing their
See also :
Apply the appropriate JBoss Enterprise Application Platform 6.1.0
Risk factor :
Medium / CVSS Base Score : 6.4
CVSS Temporal Score : 5.6
Public Exploit Available : false
Family: Red Hat Local Security Checks
Nessus Plugin ID: 72261 ()
Bugtraq ID: 6173961742
CVE ID: CVE-2013-4128CVE-2013-4213
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.