Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to bypass the CSRF protection mechanism via unknown attack vectors.

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:0638 advisory.

    OpenShift Enterprise is a cloud computing Platform-as-a-Service (PaaS)     solution from Red Hat, and is designed for on-premise or private cloud     deployments.

    A flaw was found in the handling of paths provided to ruby193-rubygem-rack.
    A remote attacker could use this flaw to conduct a directory traversal     attack by passing malformed requests. (CVE-2013-0262)

    A timing attack flaw was found in the way rubygem-rack and     ruby193-rubygem-rack processed HMAC digests in cookies. This flaw could aid     an attacker using forged digital signatures to bypass authentication     checks. (CVE-2013-0263)

    It was found that Jenkins did not protect against Cross-Site Request     Forgery (CSRF) attacks. If a remote attacker could trick a user, who was     logged into Jenkins, into visiting a specially-crafted URL, the attacker     could perform operations on Jenkins. (CVE-2013-0327, CVE-2013-0329)

    A cross-site scripting (XSS) flaw was found in Jenkins. A remote attacker     could use this flaw to conduct an XSS attack against users of Jenkins.
    (CVE-2013-0328)

    A flaw could allow a Jenkins user to build jobs they do not have access to.
    (CVE-2013-0330)

    A flaw could allow a Jenkins user to cause a denial of service if they     are able to supply a specially-crafted payload. (CVE-2013-0331)

    Users are advised to upgrade to Red Hat OpenShift Enterprise 1.1.2. It is     recommended that you restart your system after applying this update.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote web server hosts a version of Jenkins or Jenkins Enterprise that is affected by multiple vulnerabilities :

  - An unspecified cross-site scripting vulnerability.
   (CVE-2013-0328)

  - Multiple unspecified cross-site request forgery     vulnerabilities. (CVE-2013-0327, CVE-2013-0329)

  - An unspecified denial of service vulnerability.
    (CVE-2013-0331)

  - An unspecified security bypass vulnerability exists     that could allow an attacker to build otherwise     restricted jobs. (CVE-2013-0330)

ID	Name	Product	Family	Severity
119433	RHEL 6 : Red Hat OpenShift Enterprise 1.1.2 update (Moderate) (RHSA-2013:0638)	Nessus	Red Hat Local Security Checks	medium
65056	Jenkins < 1.502 / 1.480.3 and Jenkins Enterprise 1.447.x / 1.466.x / 1.480.x < 1.447.7.1 / 1.466.13.1 / 1.480.3.1 Multiple Vulnerabilities	Nessus	CGI abuses	high

Detections

Analytics

CVE-2013-0329

high

Tenable Plugins

medium

high